diff --git a/.github/workflows/test-ci-dc-2-d.yaml b/.github/workflows/test-ci-dc-2-d.yaml new file mode 100644 index 000000000..d79a5f8ca --- /dev/null +++ b/.github/workflows/test-ci-dc-2-d.yaml @@ -0,0 +1,324 @@ +name: TFRS New Pipeline Dev + +on: + workflow_dispatch: + +env: + GIT_URL: https://github.com/bcgov/tfrs.git + TOOLS_NAMESPACE: ${{ secrets.OPENSHIFT_NAMESPACE_PLATE }}-tools + TEST_NAMESPACE: ${{ secrets.OPENSHIFT_NAMESPACE_PLATE }}-test + GIT_REF: "master" + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + get-version: + name: Get the version + runs-on: ubuntu-latest + + outputs: + VERSION: ${{ steps.get-version.outputs.VERSION }} + + steps: + - id: get-version + run: | + echo "VERSION=2.21.0" >> $GITHUB_OUTPUT + + build-backend: + name: Build tfrs Backend + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build tfrs Backend + run: | + cd openshift-v4/templates/backend + oc process -f ./backend-bc-docker.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-backend-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-backend-${{ env.BUILD_SUFFIX }} --wait=true + + build-frontend: + name: Build TFRS Frontend + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build TFRS Frontend + run: | + cd openshift-v4/templates/frontend + oc process -f ./frontend-bc-docker.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-frontend-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-frontend-${{ env.BUILD_SUFFIX }} --wait=true + + build-scan-coordinator: + name: Build TFRS scan-coordinator + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build TFRS scan-coordinator + run: | + cd openshift-v4/templates/scan-coordinator + oc process -f ./scan-coordinator-bc.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-scan-coordinator-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-scan-coordinator-${{ env.BUILD_SUFFIX }} --wait=true + + build-celery: + name: Build TFRS Celery + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version, build-backend, build-frontend, build-scan-coordinator] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build TFRS Celery + run: | + cd openshift-v4/templates/celery + oc process -f ./celery-bc-docker.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-celery-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-celery-${{ env.BUILD_SUFFIX }} --wait=true + + build-scan-handler: + name: Build TFRS scan-handler + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version, build-backend, build-frontend, build-scan-coordinator] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build TFRS scan-handler + run: | + cd openshift-v4/templates/scan-handler + oc process -f ./scan-handler-bc-docker.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-scan-handler-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-scan-handler-${{ env.BUILD_SUFFIX }} --wait=true + + build-notification-server: + name: Build TFRS Notification Server + runs-on: ubuntu-latest + timeout-minutes: 60 + needs: [get-version, build-backend, build-frontend, build-scan-coordinator] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Check out repository + uses: actions/checkout@v4.1.1 + with: + ref: ${{ env.GIT_REF }} + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Build TFRS Notification Server + run: | + cd openshift-v4/templates/notification + oc process -f ./notification-server-bc.yaml NAME=tfrs SUFFIX=-${{ env.BUILD_SUFFIX }} VERSION=${{ env.BUILD_SUFFIX }} GIT_URL=${{ env.GIT_URL }} GIT_REF=${{ env.GIT_REF }} | oc apply --wait=true -f - -n ${{ env.TOOLS_NAMESPACE }} + sleep 2s + for build in $(oc -n ${{ env.TOOLS_NAMESPACE }} get builds -l buildconfig=tfrs-notification-server-${{ env.BUILD_SUFFIX }} -o jsonpath='{.items[?(@.status.phase=="Running")].metadata.name}'); do + echo "canceling $build" + oc -n ${{ env.TOOLS_NAMESPACE }} cancel-build $build + done + sleep 2s + oc -n ${{ env.TOOLS_NAMESPACE }} start-build tfrs-notification-server-${{ env.BUILD_SUFFIX }} --wait=true + + deploy: + name: Deploy on Dev + runs-on: ubuntu-latest + timeout-minutes: 60 + # needs: [get-version] + needs: + [ + get-version, + build-backend, + build-frontend, + build-celery, + build-scan-handler, + build-scan-coordinator, + build-notification-server, + ] + + env: + BUILD_SUFFIX: ${{ needs.get-version.outputs.VERSION }} + VERSION: ${{ needs.get-version.outputs.VERSION }} + + steps: + - name: Checkout Manifest repository + uses: actions/checkout@v4.1.1 + with: + repository: bcgov-c/tenant-gitops-0ab226 + ref: main + ssh-key: ${{ secrets.MANIFEST_REPO_DEPLOY_KEY }} + + - name: Update tags + uses: mikefarah/yq@v4.40.5 + with: + cmd: | + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/backend/values-test.yaml + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/frontend/values-test.yaml + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/notification-server/values-test.yaml + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/celery/values-test.yaml + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/scan-coordinator/values-test.yaml + yq -i '.image.tag = "${{ env.BUILD_SUFFIX }}"' tfrs/charts/scan-handler/values-test.yaml + + - name: GitHub Commit & Push + shell: bash {0} + run: | + git config --global user.email "actions@github.com" + git config --global user.name "GitHub Actions" + git add -A + git commit -m "Update the image tag to ${{ env.BUILD_SUFFIX }} on Test" + git push + + - name: Log in to Openshift + uses: redhat-actions/oc-login@v1.3 + with: + openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} + openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + insecure_skip_tls_verify: true + namespace: ${{ env.TOOLS_NAMESPACE }} + + - name: Tag and deploy to Test + run: | + helm -n ${{ env.TEST_NAMESPACE }} list + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-backend:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-backend:${{ env.BUILD_SUFFIX }} + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-frontend:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-frontend:${{ env.BUILD_SUFFIX }} + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-celery:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-celery:${{ env.BUILD_SUFFIX }} + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-scan-coordinator:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-scan-coordinator:${{ env.BUILD_SUFFIX }} + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-scan-handler:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-scan-handler:${{ env.BUILD_SUFFIX }} + oc tag ${{ env.TOOLS_NAMESPACE }}/tfrs-notification-server:${{ env.BUILD_SUFFIX }} ${{ env.TEST_NAMESPACE }}/tfrs-notification-server:${{ env.BUILD_SUFFIX }} + + - name: Helm Deployment + run: | + cd tfrs/charts/backend + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-backend-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E" + cd ../frontend + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-frontend-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E" + cd ../notification-server + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-notification-server-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E" + cd ../celery + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-celery-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E" + cd ../scan-coordinator + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-scan-coordinator-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E" + cd ../scan-handler + helm -n ${{ env.TEST_NAMESPACE }} -f ./values-test.yaml upgrade --install tfrs-scan-handler-test . \ + --set podAnnotations.rolloutTriggered="A$(date +%s)E"