pr-open.yml
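# Pull-request pipeline: build the container images for the PR, then deploy a
# per-PR Helm release to OpenShift with database credentials read from Vault.
name: PR

on:
  pull_request:
  merge_group:

concurrency:
  # Cancel in progress for PR open and close, but not merge_group
  # NOTE(review): cancel-in-progress is unconditionally true, so merge_group
  # runs are only spared if their base_sha-derived group differs; confirm intent.
  group: ${{ github.workflow }}-${{ github.event.number || github.event.merge_group.base_sha }}
  cancel-in-progress: true

jobs:
  builds:
    name: Builds
    # Run only when the PR head repository is not a fork.
    if: '!github.event.pull_request.head.repo.fork'
    runs-on: ubuntu-22.04
    # GITHUB_TOKEN is scoped to package writes only for this job.
    permissions:
      packages: write
    strategy:
      matrix:
        package: [nr-oracle-service, nr-oracle-service-init]
        include:
          - package: nr-oracle-service
            build_file: Dockerfile
            build_context: .
            triggers: ('src/' 'pom.xml')
          - package: nr-oracle-service-init
            build_file: Dockerfile.certs
            build_context: .
            triggers: ('get_certs.sh' 'Dockerfile.certs')
    steps:
      # NOTE(review): actions in this workflow are referenced by tag; pinning
      # third-party actions to a full commit SHA prevents a retagged release
      # from changing what runs with this job's token and secrets.
      - uses: actions/checkout@v4
      # NOTE(review): the action name and ref on the next line were mangled by
      # e-mail obfuscation in this rendering; restore the real owner/repo@ref.
      - uses: bcgov-nr/[email protected]
        with:
          package: ${{ matrix.package }}
          tag: ${{ github.event.number }}
          token: ${{ secrets.GITHUB_TOKEN }}
          build_file: ${{ matrix.build_file }}
          build_context: ${{ matrix.build_context }}
          triggers: ${{ matrix.triggers }}

  deploys:
    name: Deploys
    # Skipped automatically when `builds` is skipped (fork PRs).
    needs:
      - builds
    runs-on: ubuntu-22.04
    # NOTE(review): no `permissions:` is declared here, so GITHUB_TOKEN inherits
    # the repository default; consider `permissions: contents: read` if nothing
    # in this job needs more (confirm against the actions used).
    environment: test
    env:
      project_name: nr-oracle
      app_name: nr-oracle-service
      environment: development
      secret_path_env: dev # this path is different from the path in the broker
    steps:
      - uses: actions/checkout@v4
      # Exchange the broker JWT for a Vault token (exposed as
      # steps.broker.outputs.vault_token and consumed by the next step).
      - name: Broker
        id: broker
        # NOTE(review): action name/ref mangled by e-mail obfuscation in this
        # rendering; restore the real owner/repo@ref.
        uses: bcgov-nr/[email protected]
        with:
          broker_jwt: ${{ secrets.BROKER_JWT }}
          provision_role_id: ${{ secrets.PROVISION_ROLE }}
          project_name: ${{ env.project_name }}
          app_name: ${{ env.app_name }}
          environment: ${{ env.environment }}
      # Read the database connection values from Vault; each is available both
      # as a step output and (exportEnv) as an environment variable.
      - name: Import Secrets
        id: secrets
        # NOTE(review): action name/ref mangled by e-mail obfuscation in this
        # rendering (presumably hashicorp/vault-action; confirm and restore).
        uses: hashicorp/[email protected]
        with:
          url: https://vault-iit.apps.silver.devops.gov.bc.ca
          token: ${{ steps.broker.outputs.vault_token }}
          exportEnv: 'true'
          secrets: |
            apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbHost | DB_HOST;
            apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbName | DB_NAME;
            apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbPassword | DB_PWD;
            apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbUser | DB_USER;
      - name: Deploy to Openshift
        working-directory: charts/nr-oracle-service
        shell: bash
        # Secrets and context values are handed to the script as environment
        # variables instead of being expanded into the script text, so a value
        # containing spaces or shell metacharacters stays a single argument and
        # is never parsed as shell syntax.
        env:
          OC_TOKEN: ${{ secrets.oc_token }}
          OC_SERVER: ${{ vars.oc_server }}
          OC_NAMESPACE: ${{ vars.oc_namespace }}
          PR_NUMBER: ${{ github.event.number }}
          RELEASE: ${{ github.event.repository.name }}-${{ github.event.number }}
          DB_HOST: ${{ steps.secrets.outputs.DB_HOST }}
          DB_NAME: ${{ steps.secrets.outputs.DB_NAME }}
          DB_PWD: ${{ steps.secrets.outputs.DB_PWD }}
          DB_USER: ${{ steps.secrets.outputs.DB_USER }}
        run: |
          oc login --token="${OC_TOKEN}" --server="${OC_SERVER}"
          oc project "${OC_NAMESPACE}" # Safeguard!
          # uninstall if found
          helm uninstall "${RELEASE}" || true
          # Deploy Helm Chart
          helm dependency update
          helm package --app-version="${PR_NUMBER}" --version="${PR_NUMBER}" .
          # NOTE(review): --set-string treats commas in a value as separators;
          # a credential containing one needs escaping or a values file.
          helm upgrade \
            --set-string app.envs.DB_HOST="${DB_HOST}" \
            --set-string app.envs.DB_NAME="${DB_NAME}" \
            --set-string app.envs.DB_PASSWORD="${DB_PWD}" \
            --set-string app.envs.DB_USER="${DB_USER}" \
            --set-string app.envs.DB_PORT="1543" \
            --set-string image.tag="${PR_NUMBER}" \
            --set-string namespace="${OC_NAMESPACE}" \
            --install --wait --atomic "${RELEASE}" \
            --values values.yaml \
            "./${RELEASE}.tgz"
          # print history
          helm history "${RELEASE}"
          # Remove old build runs, build pods and deployment pods
          oc delete po --field-selector=status.phase==Succeeded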