Automate Promotion Pipeline Workflow¶

Overview¶

In the previous topics, we promoted the queue manager and sample application from dev to staging environment and then from staging to prod environment. We then deployed them using ArgoCD.

In this topic, we're going to make this promotion processes fully automatic. As we perviously saw, a change to the queue manager source repository or sample application source repository will automatically result in a pipeline run for it. If the pipeline is successful, new kubernetes resources will be built and automatically deployed by ArgoCD into the dev namespace. Once the Queuemanager or the sample application is successfully deployed in dev namespace, the argocd post sync trigger in dev namespace will automatically generate a pipelinerun. If the pipeline is successful, new resources will be built and automatically deployed by ArgoCD into the stage namespace. Following the same approach again, once the Queuemanager or the sample application is successfully deployed in stage namespace, the argocd post sync trigger in stage namespace will automatically generate a pipelinerun. If the pipeline is successful, new resources will be built and automatically deployed by ArgoCD into the prod namespace. To recap, the whole process will be automatic from end-to-end.

Look at the following diagram:

mqcicd7

We've already seen most of the highlighted components. Notice that we've added a post sync trigger. This trigger will be responsible to fire promotion pipelines every time the QM1 or Sample application is successfully deployed in the respective namespaces.

In this topic, we're going to:

Set up post sync triggers.
Test the end to end promotion process.

By the end of this topic we'll have a fully automated promotion process set up in place to deploy the latest changes made to QueueManager or Sample application to the cluster across all environments in an automated fashion.

Pre-requisites¶

Before attempting this topic, you should have successfully completed the previous topic.

Set up the ArgoCD Post-sync hook¶

An ArgoCD PostSync hook is useful to run certain checks after the deployment. For instance, if we want to validate the health or perform some integration tests, we can use PostSync hook to do these things for us. Basically, this hook executes after all the the Sync hooks of the application are successful and completed.

If you want to know more about this, check Resource Hooks out.

In this topic section we're going to set up the components we need for our PostSync hook:

mqcicd8

A PostSync hook will be triggered by ArgoCD once the deployment is successful and is sent to an event listener. In Kubernetes, this event listener comprises a normal route and service front-ending a Tekton eventlistener custom resource. The event listener is driven by the ArgoCD PostSync hook, and runs the pipeline using a Tekton trigger.

Set up trigger templates¶

Select the GitOps terminal window

Return to the terminal window you're using for the multi-tenancy-gitops-apps GitOps repository.

We're going to make use of a script in the sample GitOps apps repository that makes use of the $GIT_ORG and $GIT_BRANCH_QM1 environment variables you've seen earlier. Previously we used them in the mq-qm01 terminal window; now we're going to use this in the multi-tenancy-gitops-apps terminal window.

Again, make sure in you're in the multi-tenancy-gitops-apps terminal window.

Issue the following command to ensure you're in the correct starting folder:
```
cd $GIT_ROOT/multi-tenancy-gitops-apps
```
Set up the $GIT_ORG and $GIT_BRANCH environment variables

Let's set up the environment variables.

Replace <git-org> in the following command with your GitHub user name:
```
export GIT_ORG=<git-org>
```
Then create the $GIT_BRANCH environment variable:
```
export GIT_BRANCH=master
```
Verify that your $GIT_USER and $GIT_BRANCH environment variables are set:
```
echo $GIT_ORG
echo $GIT_BRANCH
```
For example:
```
(base) user/git/multi-tenancy-gitops echo GIT_ORG
prod-ref-guide
(base) user/git/multi-tenancy-gitops echo GIT_BRANCH
master
```

The trigger templates for Queuemanager PostSync hook in dev environment

Issue the following commands to generate a trigger template for Queuemanager PostSync hook in dev environment:

cd mq/environments/ci/triggertemplates
./mq-qm-dev-triggertemplate.sh
cd ../../../../

Issue the following command to verify:

cat mq/environments/ci/triggertemplates/mq-qm-dev-triggertemplate.yaml

to show the trigger template we created earlier:

apiVersion: triggers.tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
  labels:
    app: mq-qm-post-dev
  name: mq-qm-post-dev
spec:
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        annotations:
          argocd.argoproj.io/compare-options: IgnoreExtraneous
          argocd.argoproj.io/sync-options: Prune=false
        labels:
          tekton.dev/pipeline: ibm-mq-promote-dev-stage
        generateName: ibm-mq-promote-dev-stage-
      spec:
        params:
        - name: git-url
          value: https://github.com/prod-ref-guide/mq-qm01.git
        pipelineRef:
          name: ibm-mq-promote-dev-stage

The trigger templates for MQ sample application PostSync hook in dev environment

Issue the following commands to generate a trigger template for MQ Sample application PostSync hook in dev environment:

cd mq/environments/ci/triggertemplates
./mq-spring-app-dev-triggertemplate.sh
cd ../../../../

Issue the following command to verify:

cat mq/environments/ci/triggertemplates/mq-spring-app-dev-triggertemplate.yaml

to show the trigger template we created earlier:

apiVersion: triggers.tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
  labels:
    app: mq-spring-app-post-dev
  name: mq-spring-app-post-dev
spec:
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        annotations:
          argocd.argoproj.io/compare-options: IgnoreExtraneous
          argocd.argoproj.io/sync-options: Prune=false
        labels:
          tekton.dev/pipeline: ibm-mq-promote-dev-stage
        generateName: ibm-mq-promote-dev-stage-
      spec:
        params:
        - name: git-url
          value: https://github.com/prod-ref-guide/mq-spring-app.git
        pipelineRef:
          name: ibm-mq-promote-dev-stage

The trigger templates for Queuemanager PostSync hook in stage environment

Issue the following commands to generate a trigger template for Queuemanager PostSync hook in stage environment:

cd mq/environments/ci/triggertemplates
./mq-qm-stage-triggertemplate.sh
cd ../../../../

Issue the following command to verify:

cat mq/environments/ci/triggertemplates/mq-qm-stage-triggertemplate.yaml

to show the trigger template we created earlier:

apiVersion: triggers.tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
  labels:
    app: mq-qm-post-stage
  name: mq-qm-post-stage
spec:
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        annotations:
          argocd.argoproj.io/compare-options: IgnoreExtraneous
          argocd.argoproj.io/sync-options: Prune=false
        labels:
          tekton.dev/pipeline: ibm-mq-promote-stage-prod
        generateName: ibm-mq-promote-stage-prod-
      spec:
        params:
        - name: git-url
          value: https://github.com/prod-ref-guide/mq-qm01.git
        pipelineRef:
          name: ibm-mq-promote-stage-prod

The trigger templates for MQ sample application PostSync hook in stage environment

Issue the following commands to generate a trigger template for MQ Sample application PostSync hook in stage environment:

cd mq/environments/ci/triggertemplates
./mq-spring-app-stage-triggertemplate.sh
cd ../../../../

Issue the following command to verify:

cat mq/environments/ci/triggertemplates/mq-spring-app-stage-triggertemplate.yaml

to show the trigger template we created earlier:

apiVersion: triggers.tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
  labels:
    app: mq-spring-app-post-stage
  name: mq-spring-app-post-stage
spec:
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        annotations:
          argocd.argoproj.io/compare-options: IgnoreExtraneous
          argocd.argoproj.io/sync-options: Prune=false
        labels:
          tekton.dev/pipeline: ibm-mq-promote-stage-prod
        generateName: ibm-mq-promote-stage-prod-
      spec:
        params:
        - name: git-url
          value: https://github.com/prod-ref-guide/mq-spring-app.git
        pipelineRef:
          name: ibm-mq-promote-stage-prod

Push GitOps changes to GitHub

Let’s make these GitOps changes and push them.

Add all changes in the current folder to a git index, commit them, and push them to GitHub:
```
git add mq/environments/ci/triggertemplates
git commit -s -m "Defining trigger templates for promotion automation"
git push origin $GIT_BRANCH
```

Review the eventlisteners¶

The eventlistener for QueueManager in dev environment

Issue the following commands to verify the eventlistener definition in dev environment for the QueueManager:

cat mq/environments/ci/eventlisteners/mq-qm-dev-eventlistener.yaml

to show the eventlistener:

apiVersion: triggers.tekton.dev/v1alpha1
kind: EventListener
metadata:
  name: mq-qm-post-dev
spec:
  serviceAccountName: pipeline
  triggers:
    - name: mq-qm-post-dev
      template:
        ref: mq-qm-post-dev

The eventlistener for MQ sample application in dev environment

Issue the following commands to verify the eventlistener definition in dev environment for the MQ sample application:

cat mq/environments/ci/eventlisteners/mq-spring-app-dev-eventlistener.yaml

to show the eventlistener:

apiVersion: triggers.tekton.dev/v1alpha1
kind: EventListener
metadata:
  name: mq-spring-app-post-dev
spec:
  serviceAccountName: pipeline
  triggers:
    - name: mq-spring-app-post-dev
      template:
        ref: mq-spring-app-post-dev

The eventlistener for QueueManager in stage environment

Issue the following commands to verify the eventlistener definition in stage environment for the QueueManager:

cat mq/environments/ci/eventlisteners/mq-qm-stage-eventlistener.yaml

to show the eventlistener:

apiVersion: triggers.tekton.dev/v1alpha1
kind: EventListener
metadata:
  name: mq-qm-post-stage
spec:
  serviceAccountName: pipeline
  triggers:
    - name: mq-qm-post-stage
      template:
        ref: mq-qm-post-stage

The eventlistener for MQ sample application in stage environment

Issue the following commands to verify the eventlistener definition in stage environment for the MQ sample application:

cat mq/environments/ci/eventlisteners/mq-spring-app-stage-eventlistener.yaml

to show the eventlistener:

apiVersion: triggers.tekton.dev/v1alpha1
kind: EventListener
metadata:
  name: mq-spring-app-post-stage
spec:
  serviceAccountName: pipeline
  triggers:
    - name: mq-spring-app-post-stage
      template:
        ref: mq-spring-app-post-stage

Review the routes for the eventlisteners¶

The route for QueueManager eventlistener in dev environment

Issue the following commands to verify the eventlistener route definition in dev environment for the QueueManager:

cat mq/environments/ci/routes/mq-qm-dev-route.yaml

to show the route we created earlier:

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: mq-qm-post-dev
  labels:
    app.kubernetes.io/managed-by: EventListener
    app.kubernetes.io/part-of: Triggers
    eventlistener: mq-qm-post-dev
  annotations:
    openshift.io/host.generated: 'true'
spec:
  to:
    kind: "Service"
    name: el-mq-qm-post-dev
    weight: 100
  port:
    targetPort: http-listener
  wildcardPolicy: None

The route for MQ sample application eventlistener in dev environment

Issue the following commands to verify the eventlistener route definition in dev environment for the MQ sample application:

cat mq/environments/ci/routes/mq-spring-app-dev-route.yaml

to show the eventlistener we created earlier:

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: mq-spring-app-post-dev
  labels:
    app.kubernetes.io/managed-by: EventListener
    app.kubernetes.io/part-of: Triggers
    eventlistener: mq-spring-app-post-dev
  annotations:
    openshift.io/host.generated: 'true'
spec:
  to:
    kind: "Service"
    name: el-mq-spring-app-post-dev
    weight: 100
  port:
    targetPort: http-listener
  wildcardPolicy: None

The route for QueueManager eventlistener in stage environment

Issue the following commands to verify the eventlistener route definition in stage environment for the QueueManager:

cat mq/environments/ci/routes/mq-qm-stage-route.yaml

to show the route we created earlier:

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: mq-qm-post-stage
  labels:
    app.kubernetes.io/managed-by: EventListener
    app.kubernetes.io/part-of: Triggers
    eventlistener: mq-qm-post-stage
  annotations:
    openshift.io/host.generated: 'true'
spec:
  to:
    kind: "Service"
    name: el-mq-qm-post-stage
    weight: 100
  port:
    targetPort: http-listener
  wildcardPolicy: None

The route for MQ sample application eventlistener in stage environment

Issue the following commands to verify the eventlistener route definition in stage environment for the MQ sample application:

cat mq/environments/ci/routes/mq-spring-app-stage-route.yaml

to show the eventlistener we created earlier:

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: mq-spring-app-post-stage
  labels:
    app.kubernetes.io/managed-by: EventListener
    app.kubernetes.io/part-of: Triggers
    eventlistener: mq-spring-app-post-stage
  annotations:
    openshift.io/host.generated: 'true'
spec:
  to:
    kind: "Service"
    name: el-mq-spring-app-post-stage
    weight: 100
  port:
    targetPort: http-listener
  wildcardPolicy: None

Activate the Triggers¶

Activate the PostSync hook components

Now that we've created the event listener and triggers, let's activate all the components necessary to process our PostSync hook: the route, event listener and trigger template.

Open the kustomization.yaml that is under mq/environments/ci/. This contains all the resources that belong to the ci namespace.

cat mq/environments/ci/kustomization.yaml

resources:
#- certificates/ci-mq-client-certificate.yaml
#- certificates/ci-mq-server-certificate.yaml
- configmaps/gitops-repo-configmap.yaml
- eventlisteners/cntk-event-listener.yaml
- triggerbindings/cntk-binding.yaml
- triggertemplates/mq-qm-dev.yaml
- triggertemplates/mq-spring-app-dev.yaml
#- pipelines/mq-metric-samples-dev-pipeline.yaml
- pipelines/ibm-test-pipeline-for-dev.yaml
- pipelines/ibm-test-pipeline-for-stage.yaml
#- pipelines/java-maven-dev-pipeline.yaml
- pipelines/mq-pipeline-dev.yaml
- pipelines/mq-spring-app-dev-pipeline.yaml
- roles/custom-pipeline-sa-clusterrole.yaml
- roles/custom-pipeline-sa-role.yaml
- roles/custom-ci-pipeline-sa-rolebinding.yaml
- roles/custom-dev-pipeline-sa-rolebinding.yaml
- roles/custom-staging-pipeline-sa-rolebinding.yaml
- roles/custom-prod-pipeline-sa-rolebinding.yaml
- routes/cntk-route.yaml
#- secrets/artifactory-access-secret.yaml
- secrets/git-credentials-secret.yaml
- secrets/ibm-entitled-registry-credentials-secret.yaml
#- secrets/mq-client-jks-password-secret.yaml
- tasks/10-gitops.yaml
- tasks/10-gitops-for-mq.yaml
- tasks/10-gitops-promotion.yaml
- tasks/11-app-name.yaml
- tasks/12-functional-tests.yaml
- tasks/13-jmeter-performance-test.yaml
- tasks/13-cphtestp-performance-test.yaml
- tasks/4-smoke-tests-mq.yaml
- tasks/4-smoke-tests.yaml
- tasks/ibm-build-tag-push-v2-6-13.yaml
- tasks/ibm-helm-release-v2-6-13.yaml
- tasks/ibm-img-release-v2-6-13.yaml
- tasks/ibm-img-scan-v2-6-13.yaml
- tasks/ibm-java-maven-test-v2-6-13.yaml
- tasks/ibm-setup-v2-6-13.yaml
- tasks/ibm-tag-release-v2-6-13.yaml
#- tasks/mq-metrics-build-tag-push.yaml

# Automated promotion process triggers

# - triggertemplates/mq-qm-dev-triggertemplate.yaml
# - eventlisteners/mq-qm-dev-eventlistener.yaml
# - routes/mq-qm-dev-route.yaml
#
# - triggertemplates/mq-spring-app-dev-triggertemplate.yaml
# - eventlisteners/mq-spring-app-dev-eventlistener.yaml
# - routes/mq-spring-app-dev-route.yaml
#
# - triggertemplates/mq-qm-stage-triggertemplate.yaml
# - eventlisteners/mq-qm-stage-eventlistener.yaml
# - routes/mq-qm-stage-route.yaml
#
# - triggertemplates/mq-spring-app-stage-triggertemplate.yaml
# - eventlisteners/mq-spring-app-stage-eventlistener.yaml
# - routes/mq-spring-app-stage-route.yaml

Open this file in your editor and uncomment the below resources.

- triggertemplates/mq-qm-dev-triggertemplate.yaml
- eventlisteners/mq-qm-dev-eventlistener.yaml
- routes/mq-qm-dev-route.yaml

- triggertemplates/mq-spring-app-dev-triggertemplate.yaml
- eventlisteners/mq-spring-app-dev-eventlistener.yaml
- routes/mq-spring-app-dev-route.yaml

- triggertemplates/mq-qm-stage-triggertemplate.yaml
- eventlisteners/mq-qm-stage-eventlistener.yaml
- routes/mq-qm-stage-route.yaml

- triggertemplates/mq-spring-app-stage-triggertemplate.yaml
- eventlisteners/mq-spring-app-stage-eventlistener.yaml
- routes/mq-spring-app-stage-route.yaml

You will have the following resources now:

resources:
#- certificates/ci-mq-client-certificate.yaml
#- certificates/ci-mq-server-certificate.yaml
- configmaps/gitops-repo-configmap.yaml
- eventlisteners/cntk-event-listener.yaml
- triggerbindings/cntk-binding.yaml
- triggertemplates/mq-qm-dev.yaml
- triggertemplates/mq-spring-app-dev.yaml
#- pipelines/mq-metric-samples-dev-pipeline.yaml
- pipelines/ibm-test-pipeline-for-dev.yaml
- pipelines/ibm-test-pipeline-for-stage.yaml
#- pipelines/java-maven-dev-pipeline.yaml
- pipelines/mq-pipeline-dev.yaml
- pipelines/mq-spring-app-dev-pipeline.yaml
- roles/custom-pipeline-sa-clusterrole.yaml
- roles/custom-pipeline-sa-role.yaml
- roles/custom-ci-pipeline-sa-rolebinding.yaml
- roles/custom-dev-pipeline-sa-rolebinding.yaml
- roles/custom-staging-pipeline-sa-rolebinding.yaml
- roles/custom-prod-pipeline-sa-rolebinding.yaml
- routes/cntk-route.yaml
#- secrets/artifactory-access-secret.yaml
- secrets/git-credentials-secret.yaml
- secrets/ibm-entitled-registry-credentials-secret.yaml
#- secrets/mq-client-jks-password-secret.yaml
- tasks/10-gitops.yaml
- tasks/10-gitops-for-mq.yaml
- tasks/10-gitops-promotion.yaml
- tasks/11-app-name.yaml
- tasks/12-functional-tests.yaml
- tasks/13-jmeter-performance-test.yaml
- tasks/13-cphtestp-performance-test.yaml
- tasks/4-smoke-tests-mq.yaml
- tasks/4-smoke-tests.yaml
- tasks/ibm-build-tag-push-v2-6-13.yaml
- tasks/ibm-helm-release-v2-6-13.yaml
- tasks/ibm-img-release-v2-6-13.yaml
- tasks/ibm-img-scan-v2-6-13.yaml
- tasks/ibm-java-maven-test-v2-6-13.yaml
- tasks/ibm-setup-v2-6-13.yaml
- tasks/ibm-tag-release-v2-6-13.yaml
#- tasks/mq-metrics-build-tag-push.yaml

# Automated promotion process triggers

- triggertemplates/mq-qm-dev-triggertemplate.yaml
- eventlisteners/mq-qm-dev-eventlistener.yaml
- routes/mq-qm-dev-route.yaml

- triggertemplates/mq-spring-app-dev-triggertemplate.yaml
- eventlisteners/mq-spring-app-dev-eventlistener.yaml
- routes/mq-spring-app-dev-route.yaml

- triggertemplates/mq-qm-stage-triggertemplate.yaml
- eventlisteners/mq-qm-stage-eventlistener.yaml
- routes/mq-qm-stage-route.yaml

- triggertemplates/mq-spring-app-stage-triggertemplate.yaml
- eventlisteners/mq-spring-app-stage-eventlistener.yaml
- routes/mq-spring-app-stage-route.yaml

Update the GitOps repository

Let’s commit these changes to make the event listener and trigger resources active in the cluster.

Issue the following command:

git add mq/environments/ci/kustomization.yaml
git commit -s -m "Add PostSync hook components"
git push origin $GIT_BRANCH

which shows that the changes are pushed to GitHub:

Enumerating objects: 20, done.
Counting objects: 100% (18/18), done.
Delta compression using up to 16 threads
Compressing objects: 100% (10/10), done.
Writing objects: 100% (10/10), 928 bytes | 928.00 KiB/s, done.
Total 10 (delta 8), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (8/8), completed with 5 local objects.
To https://github.com/prod-ref-guide/multi-tenancy-gitops-apps.git
  239e49d..3a32a17  master -> master

This change to the GitOps repository can now be used by ArgoCD.

Enable PostSync hooks in dev¶

Add PostSync hook to mq-qm01

Issue the following commands to enable the postsync hook for mq-qm01:

cd mq/environments/dev/mq-qm01/queuemanager/hooks/
./post-sync-job.sh
cd ../../../../../../

Issue the following command to verify:

cat mq/environments/dev/mq-qm01/queuemanager/hooks/post-sync-job.yaml

to show the post-sync-job.yaml we created earlier:

apiVersion: batch/v1
kind: Job
metadata:
  name: trigger-dev-stage-promotion-pipeline-for-qmgr
  namespace: ci
  annotations:
    argocd.argoproj.io/hook: PostSync
spec:
  template:
    spec:
      serviceAccountName: pipeline
      containers:
      - name: tests-in-dev-env
        image: quay.io/rhcanada/tkn-cli
        command:
          - tkn
        args:
          - -n
          - ci
          - pipeline
          - start
          - ibm-mq-promote-dev-stage
          - --param
          - git-url=https://github.com/prod-ref-guide/mq-qm01.git
          - --param
          - git-revision=qm1-prod-ref-guide
          - --param
          - src-environment=dev
          - --param
          - dest-environment=staging
          - --param
          - app-path="mq/environments"
          - --param
          - git-pr=true
          - --param
          - test-file="postman/mq-spring-app.postman_collection.json"
      restartPolicy: Never
  backoffLimit: 0

Activate the PostSync hook for mq-qm01

Now that we've created the PostSync job, let's activate it.

Open the kustomization.yaml that is under mq/environments/dev/mq-qm01/. This contains all the resources of mq-qm01 that belong to the dev namespace.

cat mq/environments/dev/mq-qm01/kustomization.yaml

resources:
 - ../../base/mq-qm01
 # - queuemanager/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml

# Add the configMap that will be used for dynamic updates, this should be used queue manager wide i.e. stay the same in each environment.
components:
- components/dynamic-mqsc/generic-qmgr
- components/scripts

generatorOptions:
 disableNameSuffixHash: true
# We use a configMapGenerator because it allows us to build up the mqsc from regular MQSC files.
configMapGenerator:
# Create an MQSC configMap using generic MQSC which will be added to all queue managers and applied during bootstrap.
- name: mqsc-configmap
  behavior: create
  files:
  - configmap/static-definitions.mqsc
patchesStrategicMerge:
 - queuemanager/queuemanager.yaml
 - components/dynamic-mqsc/generic-qmgr/queuemanager.yaml

Open this file in your editor and uncomment the below resources.

- queuemanager/hooks/post-sync-job.yaml

You will have the following resources now:

resources:
 - ../../base/mq-qm01
 - queuemanager/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml

# Add the configMap that will be used for dynamic updates, this should be used queue manager wide i.e. stay the same in each environment.
components:
- components/dynamic-mqsc/generic-qmgr
- components/scripts

generatorOptions:
 disableNameSuffixHash: true
# We use a configMapGenerator because it allows us to build up the mqsc from regular MQSC files.
configMapGenerator:
# Create an MQSC configMap using generic MQSC which will be added to all queue managers and applied during bootstrap.
- name: mqsc-configmap
  behavior: create
  files:
  - configmap/static-definitions.mqsc
patchesStrategicMerge:
 - queuemanager/queuemanager.yaml
 - components/dynamic-mqsc/generic-qmgr/queuemanager.yaml

Add PostSync hook to mq-spring-app

Issue the following commands to enable the postsync hook for mq-spring-app:

cd mq/environments/dev/mq-spring-app/deployment/hooks/
./post-sync-job.sh
cd ../../../../../../

Issue the following command to verify:

cat mq/environments/dev/mq-spring-app/deployment/hooks/post-sync-job.yaml

to show the post-sync-job.yaml we created earlier:

apiVersion: batch/v1
kind: Job
metadata:
  name: trigger-stage-prod-promotion-pipeline-for-app
  namespace: ci
  annotations:
    argocd.argoproj.io/hook: PostSync
spec:
  template:
    spec:
      serviceAccountName: pipeline
      containers:
      - name: tests-in-dev-env
        image: quay.io/rhcanada/tkn-cli
        command:
          - tkn
        args:
          - -n
          - ci
          - pipeline
          - start
          - ibm-mq-promote-dev-stage
          - --param
          - git-url=https://github.com/prod-ref-guide/mq-spring-app.git
          - --param
          - git-revision=mq-spring-prod-ref-guide
          - --param
          - src-environment=dev
          - --param
          - dest-environment=staging
          - --param
          - app-path="mq/environments"
          - --param
          - git-pr=true
          - --param
          - test-file="postman/mq-spring-app.postman_collection.json"
      restartPolicy: Never
  backoffLimit: 0

Activate the PostSync hook for mq-spring-app

Now that we've created the PostSync job, let's activate it.

Open the kustomization.yaml that is under mq/environments/dev/mq-spring-app. This contains all the resources of mq-spring-app that belong to the dev namespace.

cat mq/environments/dev/mq-spring-app/kustomization.yaml

resources:
 - ../../base/mq-spring-app
 - configmap/configmap.yaml
 - configmap/configmap-ccdt.yaml
 # - deployment/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
patchesStrategicMerge:
 - deployment/deployment.yaml

Open this file in your editor and uncomment the below resources.

- deployment/hooks/post-sync-job.yaml

You will have the following resources now:

resources:
 - ../../base/mq-spring-app
 - configmap/configmap.yaml
 - configmap/configmap-ccdt.yaml
 - deployment/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
patchesStrategicMerge:
 - deployment/deployment.yaml

Push GitOps changes to GitHub

Add all changes in the current folder to a git index, commit them, and push them to GitHub:

git add .
git commit -s -m "Defining PostSync hooks to mq-qm01 and mq-spring-app for promotion automation from dev to stage"
git push origin $GIT_BRANCH

Enable PostSync hooks in stage¶

Add PostSync hook to mq-qm01

Issue the following commands to enable the postsync hook for mq-qm01:

cd mq/environments/staging/mq-qm01/queuemanager/hooks/
./post-sync-job.sh
cd ../../../../../../

Issue the following command to verify:

cat mq/environments/staging/mq-qm01/queuemanager/hooks/post-sync-job.yaml

to show the post-sync-job.yaml we created earlier:

apiVersion: batch/v1
kind: Job
metadata:
  name: trigger-stage-prod-promotion-pipeline-for-qmgr
  namespace: ci
  annotations:
    argocd.argoproj.io/hook: PostSync
spec:
  template:
    spec:
      serviceAccountName: pipeline
      containers:
      - name: tests-in-dev-env
        image: quay.io/rhcanada/tkn-cli
        command:
          - tkn
        args:
          - -n
          - ci
          - pipeline
          - start
          - ibm-mq-promote-stage-prod
          - --param
          - git-url=https://github.com/prod-ref-guide/mq-qm01.git
          - --param
          - git-revision=qm1-prod-ref-guide
          - --param
          - src-environment=staging
          - --param
          - dest-environment=prod
          - --param
          - app-path="mq/environments"
          - --param
          - qm-security=false
          - --param
          - git-pr=true
          - --param
          - test-plan="jmeter/mq-spring-app.jmx"
      restartPolicy: Never
  backoffLimit: 0

Activate the PostSync hook for mq-qm01

Now that we've created the PostSync job, let's activate it.

Open the kustomization.yaml that is under mq/environments/staging/mq-qm01. This contains all the resources of mq-qm01 that belong to the stage namespace.

cat mq/environments/staging/mq-qm01/kustomization.yaml

resources:
 - ../../base/mq-qm01
 # - queuemanager/hooks/post-sync-job.yaml
 # - certificates/staging-mq-client-certificate.yaml
 # - certificates/staging-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
 - roles/cphtestp-clusterrole.yaml
 - roles/cphtestp-sa-rolebinding.yaml

# Add the configMap that will be used for dynamic updates, this should be used queue manager wide i.e. stay the same in each environment.
components:
- components/dynamic-mqsc/generic-qmgr
- components/scripts

generatorOptions:
 disableNameSuffixHash: true
# We use a configMapGenerator because it allows us to build up the mqsc from regular MQSC files.
configMapGenerator:
# Create an MQSC configMap using generic MQSC which will be added to all queue managers and applied during bootstrap.
- name: mqsc-configmap
  behavior: create
  files:
  - configmap/static-definitions.mqsc
patchesStrategicMerge:
 - queuemanager/queuemanager.yaml
 - components/dynamic-mqsc/generic-qmgr/queuemanager.yaml

Open this file in your editor and uncomment the below resources.

- queuemanager/hooks/post-sync-job.yaml

You will have the following resources now:

resources:
 - ../../base/mq-qm01
 - queuemanager/hooks/post-sync-job.yaml
 # - certificates/staging-mq-client-certificate.yaml
 # - certificates/staging-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
 - roles/cphtestp-clusterrole.yaml
 - roles/cphtestp-sa-rolebinding.yaml

# Add the configMap that will be used for dynamic updates, this should be used queue manager wide i.e. stay the same in each environment.
components:
- components/dynamic-mqsc/generic-qmgr
- components/scripts

generatorOptions:
 disableNameSuffixHash: true
# We use a configMapGenerator because it allows us to build up the mqsc from regular MQSC files.
configMapGenerator:
# Create an MQSC configMap using generic MQSC which will be added to all queue managers and applied during bootstrap.
- name: mqsc-configmap
  behavior: create
  files:
  - configmap/static-definitions.mqsc
patchesStrategicMerge:
 - queuemanager/queuemanager.yaml
 - components/dynamic-mqsc/generic-qmgr/queuemanager.yaml

Add PostSync hook to mq-spring-app

Issue the following commands to enable the postsync hook for mq-spring-app:

cd mq/environments/staging/mq-spring-app/deployment/hooks/
./post-sync-job.sh
cd ../../../../../../

Issue the following command to verify:

cat mq/environments/staging/mq-spring-app/deployment/hooks/post-sync-job.yaml

to show the post-sync-job.yaml we created earlier:

apiVersion: batch/v1
kind: Job
metadata:
  name: trigger-dev-stage-promotion-pipeline-for-app
  namespace: ci
  annotations:
    argocd.argoproj.io/hook: PostSync
spec:
  template:
    spec:
      serviceAccountName: pipeline
      containers:
      - name: tests-in-dev-env
        image: quay.io/rhcanada/tkn-cli
        command:
          - tkn
        args:
          - -n
          - ci
          - pipeline
          - start
          - ibm-mq-promote-stage-prod
          - --param
          - git-url=https://github.com/prod-ref-guide/mq-spring-app.git
          - --param
          - git-revision=mq-spring-prod-ref-guide
          - --param
          - src-environment=staging
          - --param
          - dest-environment=prod
          - --param
          - app-path="mq/environments"
          - --param
          - qm-security=false
          - --param
          - git-pr=true
          - --param
          - test-plan="jmeter/mq-spring-app.jmx"
      restartPolicy: Never
  backoffLimit: 0

Activate the PostSync hook for mq-spring-app

Now that we've created the PostSync job, let's activate it.

Open the kustomization.yaml that is under mq/environments/staging/mq-spring-app. This contains all the resources of mq-spring-app that belong to the stage namespace.

cat mq/environments/staging/mq-spring-app/kustomization.yaml

resources:
 - ../../base/mq-spring-app
 - configmap/configmap.yaml
 - configmap/configmap-ccdt.yaml
 # - deployment/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
patchesStrategicMerge:
 - deployment/deployment.yaml

Open this file in your editor and uncomment the below resources.

- deployment/hooks/post-sync-job.yaml

You will have the following resources now:

resources:
 - ../../base/mq-spring-app
 - configmap/configmap.yaml
 - configmap/configmap-ccdt.yaml
 - deployment/hooks/post-sync-job.yaml
 # - certificates/dev-mq-client-certificate.yaml
 # - certificates/dev-mq-server-certificate.yaml
 # - secrets/mq-client-jks-password-secret.yaml
patchesStrategicMerge:
 - deployment/deployment.yaml

Push GitOps changes to GitHub

Add all changes in the current folder to a git index, commit them, and push them to GitHub:

git add .
git commit -s -m "Defining PostSync hooks to mq-qm01 and mq-spring-app for promotion automation from stage to prod"
git push origin $GIT_BRANCH

Congratulations!

You've now got a fully automated promotion process for your queue manager and MQ sample application.

You started the chapter by configuring all the necessary components for a ArgoCD PostSync resource hook. As part of it, you created event listeners and triggers in your cluster to process these events and start the promotion pipeline run using the data in the event. After updating the QM1 source repository or MQ Sample Application source repository, respective pipeline runs was triggered automatically.

Initially when the changes are made, mq-qm-dev or mq-spring-app-dev pipeline will run. Once the artifacts are deployed in the dev namespace, ArgoCD PostSync hook in dev will trigger the ibm-mq-promote-dev-stage pipeline automatically which leaves a PR in the GitOps apps repository for stage resources. Once this PR is merged and the deployments are done in stage namespace, ArgoCD PostSync hook in stage will trigger the ibm-mq-promote-stage-prod pipeline automatically which leaves a PR in the GitOps apps repository for prod resources. Once this PR is merged, deployments will be done in prod namespace.