From 82273bad33b38bc626fce785f01f4e14d3244ab3 Mon Sep 17 00:00:00 2001
From: josiahzimmerman-caci <josiah.zimmerman@caci.com>
Date: Fri, 17 Jan 2025 20:02:04 +0000
Subject: [PATCH] update docker runner tag; merge health check changes

---
 .gitlab-ci.yml | 101 +++++++++++++++++++++++++++----------------------
 1 file changed, 55 insertions(+), 46 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 23cd2a8fcb8..aacc2c61afb 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -884,7 +884,7 @@ integration_tests:
 integration_test_mtls:
   stage: test
   tags:
-    - $RUNNER_TAG
+    - $DOCKER_RUNNER_TAG
   image: $DOCKER_APP_IMAGE
   services:
     - name: docker:dind
@@ -917,22 +917,22 @@ integration_test_mtls:
     - *setup_milmove_env
     - *setup_env_intergration_mtls
   script:
+    - echo "TODO Add steps"
+    - echo "integration_test_mtls"
     - echo "Waiting for server to start"
     - dockerize -wait http://milmovelocal:4000 -timeout 5m
     - echo "Running E2E mTLS tests"
     - ./scripts/run-e2e-mtls-test
-    - echo "TODO Add steps"
-    - echo "integration_test_mtls"
   allow_failure: true
   after_script:
     - *announce_failure
   rules:
-    - *check_integration_mtls_ignore_branch
+   - *check_integration_mtls_ignore_branch
 
 integration_test_admin:
   stage: test
   tags:
-    - $RUNNER_TAG
+    - $DOCKER_RUNNER_TAG
   image: $DOCKER_APP_IMAGE
   services:
     - name: docker:dind
@@ -963,7 +963,7 @@ integration_test_admin:
     - pre_deps_golang
     - compile_app_client
     - compile_app_server
-  before_script: 
+  before_script:
       - *setup_milmove_env
       - *e2e_tests_playwright
   script:
@@ -974,23 +974,22 @@ integration_test_admin:
         --reporter=html,junit \
         --trace=on \
         --workers=1
-  allow_failure: true
   artifacts:
     paths:
       - playwright-report/
       - complete-playwright-report.zip
       - playwright-results.xml
     when: always
+  allow_failure: true
   after_script:
     - *announce_failure
   rules:
    - *check_integration_ignore_branch
 
-
 integration_test_my:
   stage: test
   tags:
-    - $RUNNER_TAG
+    - $DOCKER_RUNNER_TAG
   image: $DOCKER_APP_IMAGE
   services:
     - name: docker:dind
@@ -1025,21 +1024,21 @@ integration_test_my:
       - *setup_milmove_env
       - *e2e_tests_playwright
   script:
+    - echo "TODO Add steps"
+    - echo "integration_test_my"
     - echo "Running integration tests for My"
     - ./node_modules/.bin/playwright test playwright/tests/my \
         --reporter=html,junit \
         --trace=on \
         --workers=1 \
         --shard="$CI_NODE_INDEX/$CI_NODE_TOTAL"
-    - echo "TODO Add steps"
-    - echo "integration_test_my"
-  allow_failure: true
   artifacts:
     paths:
       - playwright-report/
       - complete-playwright-report.zip
       - playwright-results.xml
     when: always
+  allow_failure: true
   after_script:
     - *announce_failure
   rules:
@@ -1048,7 +1047,7 @@ integration_test_my:
 integration_test_office:
   stage: test
   tags:
-    - $RUNNER_TAG
+    - $DOCKER_RUNNER_TAG
   image: $DOCKER_APP_IMAGE
   services:
     - name: docker:dind
@@ -1079,24 +1078,23 @@ integration_test_office:
     - pre_deps_golang
     - compile_app_client
     - compile_app_server
-  before_script: 
+  before_script:
       - *setup_milmove_env
       - *e2e_tests_playwright
   script:
     - echo "TODO Add steps"
     - echo "integration_test_office"
-    - echo "Running integration tests for Office"
     - ./node_modules/.bin/playwright test playwright/tests/office \
         --reporter=html,junit \
         --trace=on \
         --workers=1
-  allow_failure: true
   artifacts:
     paths:
       - playwright-report/
       - complete-playwright-report.zip
       - playwright-results.xml
     when: always
+  allow_failure: true
   after_script:
     - *announce_failure
   rules:
@@ -1242,6 +1240,7 @@ deploy_tasks_dp3:
   stage: deploy
   tags:
     - $RUNNER_TAG
+  environment: $DP3_ENV
   image:
     name: $DOCKER_APP_IMAGE
     entrypoint: [""]
@@ -1283,6 +1282,7 @@ deploy_app_client_tls_dp3:
     HEALTH_CHECK: "true"
   before_script:
     - *setup_aws_vars_dp3
+    - *setup_tls_vars_dp3
     - *setup_release_dp3
   script:
     # - echo "Comparing against deployed commit"
@@ -1295,11 +1295,11 @@ deploy_app_client_tls_dp3:
     - echo "Deploying app-client-tls service"
     - ./scripts/ecs-deploy-service-container app-client-tls "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    # - ./scripts/check-deployed-commit "api.demo.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
+    - bin/health-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "api.$APP_ENVIRONMENT.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
   after_script:
     - *announce_failure
   rules:
@@ -1322,6 +1322,7 @@ deploy_app_dp3:
     OPEN_TELEMETRY_SIDECAR: "true"
     HEALTH_CHECK: "true"
   before_script:
+    - *setup_tls_vars_dp3
     - *setup_aws_vars_dp3
     - *setup_release_dp3
   script:
@@ -1344,11 +1345,11 @@ deploy_app_dp3:
     - echo "Deploying app service"
     - ./scripts/ecs-deploy-service-container app "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    - ./scripts/check-deployed-commit "my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us" "$CI_COMMIT_SHA"
+    - bin/health-checker --schemes https --hosts my.$DP3_ENV.dp3.us,office.$DP3_ENV.dp3.us,admin.$DP3_ENV.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts my.$DP3_ENV.dp3.us,office.$DP3_ENV.dp3.us,admin.$DP3_ENV.dp3.us --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "my.$DP3_ENV.dp3.us,office.$DP3_ENV.dp3.us,admin.$DP3_ENV.dp3.us" "$CI_COMMIT_SHA"
   after_script:
     - *announce_failure
   rules:
@@ -1533,6 +1534,7 @@ deploy_app_client_tls_stg:
     OPEN_TELEMETRY_SIDECAR: "true"
     HEALTH_CHECK: "true"
   before_script:
+    - *setup_tls_vars_stg
     - *setup_aws_vars_stg
     - *setup_release_stg
   script:
@@ -1545,12 +1547,13 @@ deploy_app_client_tls_stg:
     - export OTEL_COLLECTOR_IMAGE="${ECR_REPOSITORY_URI}/otel-collector@${OTEL_ECR_DIGEST}"
     - echo "Deploying app-client-tls service"
     - ./scripts/ecs-deploy-service-container app-client-tls "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
+    #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    # - ./scripts/check-deployed-commit "api.demo.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
+    - bin/health-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "api.$APP_ENVIRONMENT.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
   after_script:
     - *announce_failure
   rules:
@@ -1573,6 +1576,7 @@ deploy_app_stg:
     OPEN_TELEMETRY_SIDECAR: "true"
     HEALTH_CHECK: "true"
   before_script:
+    - *setup_tls_vars_stg
     - *setup_aws_vars_stg
     - *setup_release_stg
   script:
@@ -1594,12 +1598,13 @@ deploy_app_stg:
     - export OTEL_COLLECTOR_IMAGE="${ECR_REPOSITORY_URI}/otel-collector@${OTEL_ECR_DIGEST}"
     - echo "Deploying app service"
     - ./scripts/ecs-deploy-service-container app "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
+    #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    - ./scripts/check-deployed-commit "my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us" "$CI_COMMIT_SHA"
+    - bin/health-checker --schemes https --hosts my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us" "$CI_COMMIT_SHA"
   after_script:
     - *announce_failure
   rules:
@@ -1804,6 +1809,7 @@ deploy_app_client_tls_prd:
     OPEN_TELEMETRY_SIDECAR: "true"
     HEALTH_CHECK: "true"
   before_script:
+    - *setup_tls_vars_prd
     - *setup_aws_vars_prd
     - *setup_release_prd
   script:
@@ -1816,12 +1822,13 @@ deploy_app_client_tls_prd:
     - export OTEL_COLLECTOR_IMAGE="${ECR_REPOSITORY_URI}/otel-collector@${OTEL_ECR_DIGEST}"
     - echo "Deploying app-client-tls service"
     - ./scripts/ecs-deploy-service-container app-client-tls "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
+    #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts api.demo.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    # - ./scripts/check-deployed-commit "api.demo.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
+    - bin/health-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts api.$APP_ENVIRONMENT.dp3.us --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "api.$APP_ENVIRONMENT.dp3.us" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
   after_script:
     - *announce_failure
   rules:
@@ -1844,6 +1851,7 @@ deploy_app_prd:
     OPEN_TELEMETRY_SIDECAR: "true"
     HEALTH_CHECK: "true"
   before_script:
+    - *setup_tls_vars_prd
     - *setup_aws_vars_prd
     - *setup_release_prd
   script:
@@ -1865,12 +1873,13 @@ deploy_app_prd:
     - export OTEL_COLLECTOR_IMAGE="${ECR_REPOSITORY_URI}/otel-collector@${OTEL_ECR_DIGEST}"
     - echo "Deploying app service"
     - ./scripts/ecs-deploy-service-container app "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
+    #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    # - bin/health-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
-    # - echo "Running TLS Check"
-    # - bin/tls-checker --schemes https --hosts my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us --log-level info --timeout 15m
-    # - echo "Checking deployed commits"
-    - ./scripts/check-deployed-commit "my.demo.dp3.us,office.demo.dp3.us,admin.demo.dp3.us" "$CI_COMMIT_SHA"
+    - bin/health-checker --schemes https --hosts my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us --tries 10 --backoff 3 --log-level info --timeout 5m
+    - echo "Running TLS Check"
+    - bin/tls-checker --schemes https --hosts my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us --log-level info --timeout 15m
+    - echo "Checking deployed commits"
+    - ./scripts/check-deployed-commit "my.$APP_ENVIRONMENT.dp3.us,office.$APP_ENVIRONMENT.dp3.us,admin.$APP_ENVIRONMENT.dp3.us" "$CI_COMMIT_SHA"
   after_script:
     - *announce_failure
   rules: