Merge pull request #97 from bcgov/ci/githubactions

Migrate CI/CD pipeline from Jenkins to Github Actions
bcgov · Nov 14, 2023 · 05e2865 · 05e2865
2 parents 69c8c16 + 3ef3ced
commit 05e2865
Show file tree

Hide file tree

Showing 14 changed files with 173 additions and 1,386 deletions.
diff --git a/.github/actions/deploy-to-environment/action.yaml b/.github/actions/deploy-to-environment/action.yaml
@@ -7,6 +7,9 @@ inputs:
   acronym:
     description: Application acronym
     required: true
+  aws_role_arn:
+    description: AWS Role ARN
+    required: true
   environment:
     description: Logical Github Environment
     required: true
@@ -50,6 +53,7 @@ runs:
         --set image.repository=ghcr.io/${{ github.repository_owner }}
         --set image.tag=sha-$(git rev-parse --short HEAD)
         --set route.host=${{ inputs.acronym }}-${{ inputs.namespace_environment }}-${{ inputs.job_name }}.apps.silver.devops.gov.bc.ca
+        --set fluentBit.config.aws.roleArn=${{ inputs.aws_role_arn }}
         --timeout 10m
         --wait
 

diff --git a/.github/workflows/on-pr-closed.yaml b/.github/workflows/on-pr-closed.yaml
@@ -0,0 +1,53 @@
+name: Pull Request Closed
+
+env:
+  ACRONYM: cdogs
+  APP_NAME: common-document-generation-service
+  NAMESPACE_PREFIX: 2250c5
+
+on:
+  pull_request:
+    branches:
+      - master
+    types:
+      - closed
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  remove-pr-dev:
+    name: Remove PR build from dev namespace
+    if: "! github.event.pull_request.head.repo.fork"
+    environment:
+      name: pr
+      url: https://${{ env.ACRONYM }}-dev-pr-${{ github.event.number }}.apps.silver.devops.gov.bc.ca
+    runs-on: ubuntu-latest
+    timeout-minutes: 12
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Login to OpenShift Cluster
+      uses: redhat-actions/oc-login@v1
+      with:
+        openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
+        openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
+        insecure_skip_tls_verify: true
+        namespace: ${{ env.NAMESPACE_PREFIX }}-dev
+    - name: Remove PR Deployment
+      shell: bash
+      run: |
+        helm uninstall --namespace ${{ env.NAMESPACE_PREFIX }}-dev pr-${{ github.event.number }} --timeout 10m --wait
+        oc delete --namespace ${{ env.NAMESPACE_PREFIX }}-dev cm,secret --selector app.kubernetes.io/instance=pr-${{ github.event.number }}
+    - name: Remove Release Comment on PR
+      uses: marocchino/sticky-pull-request-comment@v2
+      with:
+        header: release
+        delete: true
+    - name: Remove Github Deployment Environment
+      uses: strumwolf/delete-deployment-environment@v2
+      with:
+        environment: pr
+        onlyRemoveDeployments: true
+        token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/on-pr-opened.yaml b/.github/workflows/on-pr-opened.yaml
@@ -34,3 +34,34 @@ jobs:
           image_name: ${{ env.APP_NAME }}
           github_username: ${{ github.repository_owner }}
           github_token: ${{ secrets.GITHUB_TOKEN }}
+
+  deploy-pr-dev:
+    name: Deploy Pull Request to Dev
+    environment:
+      name: pr
+      url: https://${{ env.ACRONYM }}-dev-pr-${{ github.event.number }}.apps.silver.devops.gov.bc.ca
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 12
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Deploy to Dev
+        uses: ./.github/actions/deploy-to-environment
+        with:
+          app_name: ${{ env.APP_NAME }}
+          acronym: ${{ env.ACRONYM }}
+          aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
+          environment: pr
+          job_name: pr-${{ github.event.number }}
+          namespace_prefix: ${{ env.NAMESPACE_PREFIX }}
+          namespace_environment: dev
+          openshift_server: ${{ secrets.OPENSHIFT_SERVER }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
+      - name: Release Comment on PR
+        uses: marocchino/sticky-pull-request-comment@v2
+        if: success()
+        with:
+          header: release
+          message: |
+            Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev-pr-${{ github.event.number }}.apps.silver.devops.gov.bc.ca>
diff --git a/.github/workflows/on-push.yaml b/.github/workflows/on-push.yaml
@@ -33,3 +33,80 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
           dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }}
+
+  deploy-dev:
+    name: Deploy to Dev
+    environment:
+      name: dev
+      url: https://${{ env.ACRONYM }}-dev-master.apps.silver.devops.gov.bc.ca
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 12
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Deploy to Dev
+        uses: ./.github/actions/deploy-to-environment
+        with:
+          app_name: ${{ env.APP_NAME }}
+          acronym: ${{ env.ACRONYM }}
+          aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
+          environment: dev
+          job_name: master
+          namespace_prefix: ${{ env.NAMESPACE_PREFIX }}
+          namespace_environment: dev
+          openshift_server: ${{ secrets.OPENSHIFT_SERVER }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
+
+  deploy-test:
+    name: Deploy to Test
+    environment:
+      name: test
+      url: https://${{ env.ACRONYM }}-test-master.apps.silver.devops.gov.bc.ca
+    runs-on: ubuntu-latest
+    needs:
+      - build
+      - deploy-dev
+    timeout-minutes: 12
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Deploy to Test
+        uses: ./.github/actions/deploy-to-environment
+        with:
+          app_name: ${{ env.APP_NAME }}
+          acronym: ${{ env.ACRONYM }}
+          aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
+          environment: test
+          job_name: master
+          namespace_prefix: ${{ env.NAMESPACE_PREFIX }}
+          namespace_environment: test
+          openshift_server: ${{ secrets.OPENSHIFT_SERVER }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
+
+  deploy-prod:
+    name: Deploy to Prod
+    environment:
+      name: prod
+      url: https://${{ env.ACRONYM }}-prod-master.apps.silver.devops.gov.bc.ca
+    runs-on: ubuntu-latest
+    needs:
+      - build
+      - deploy-dev
+      - deploy-test
+    timeout-minutes: 12
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Deploy to Prod
+        uses: ./.github/actions/deploy-to-environment
+        with:
+          app_name: ${{ env.APP_NAME }}
+          acronym: ${{ env.ACRONYM }}
+          aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
+          environment: prod
+          job_name: master
+          namespace_prefix: ${{ env.NAMESPACE_PREFIX }}
+          namespace_environment: prod
+          openshift_server: ${{ secrets.OPENSHIFT_SERVER }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
diff --git a/Jenkinsfile b/Jenkinsfile