diff --git a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml index 3e6d757a..9b24c660 100644 --- a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml @@ -7,6 +7,9 @@ env: OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ secrets.COMMON_NAMESPACE }} + NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -15,18 +18,18 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-report-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote REPO_NAME: "educ-grad-graduation-report-api" APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + BRANCH: "main" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "256Mi" MAX_MEM: "1024Mi" MIN_REPLICAS: "3" MAX_REPLICAS: "5" + on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows workflow_dispatch: @@ -39,6 +42,8 @@ on: - develop/chris - develop/jinil - develop/km + - develop/mchintha + - grad-hotfix jobs: openshift-ci-cd: @@ -47,9 +52,9 @@ jobs: runs-on: ubuntu-20.04 environment: dev - outputs: - ROUTE: ${{ steps.deploy-and-expose.outputs.route }} - SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} + #outputs: + #ROUTE: ${{ steps.deploy-and-expose.outputs.route }} + #SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - name: Check out repository @@ -65,8 +70,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -114,8 +119,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ github.event.inputs.choice }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -128,4 +146,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' diff --git a/.github/workflows/build.from.main.branch.deploy.to.dev.yml b/.github/workflows/build.from.main.branch.deploy.to.dev.yml index 5606ca67..6cd6da1b 100644 --- a/.github/workflows/build.from.main.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.main.branch.deploy.to.dev.yml @@ -1,13 +1,15 @@ name: Build & Deploy to DEV from main branch env: - # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -16,12 +18,11 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-report-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote REPO_NAME: "educ-grad-graduation-report-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + BRANCH: "main" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "256Mi" @@ -36,14 +37,9 @@ on: jobs: openshift-ci-cd: name: Build and deploy to OpenShift DEV - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev - outputs: - ROUTE: ${{ steps.deploy-and-expose.outputs.route }} - SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} - steps: - name: Check out repository uses: actions/checkout@v3 @@ -56,8 +52,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -105,8 +101,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -119,4 +128,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' \ No newline at end of file diff --git a/.github/workflows/build.from.release.branch.deploy.to.dev.yml b/.github/workflows/build.from.release.branch.deploy.to.dev.yml index 45d0daae..df9ce96c 100644 --- a/.github/workflows/build.from.release.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.release.branch.deploy.to.dev.yml @@ -4,9 +4,12 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -15,18 +18,17 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-report-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote - REPO_NAME: "educ-grad-graduation-report-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + BRANCH: "grad-release" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "256Mi" MAX_MEM: "1024Mi" MIN_REPLICAS: "3" MAX_REPLICAS: "5" + on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows workflow_dispatch: @@ -40,14 +42,9 @@ on: jobs: openshift-ci-cd: name: Build and deploy to OpenShift DEV from release branch - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev - outputs: - ROUTE: ${{ steps.deploy-and-expose.outputs.route }} - SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} - steps: - name: Check out repository uses: actions/checkout@v3 @@ -62,8 +59,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -111,8 +108,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -125,4 +135,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' \ No newline at end of file diff --git a/.github/workflows/create_tag.yml b/.github/workflows/create_tag.yml index e45232c0..97b7eebd 100644 --- a/.github/workflows/create_tag.yml +++ b/.github/workflows/create_tag.yml @@ -4,16 +4,16 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev # 🖊️ EDIT to specify custom tags for the container image, or default tags will be generated below. IMAGE_TAGS: "" REPO_NAME: "educ-grad-graduation-report-api" BRANCH: "master" - NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + NAMESPACE: ${{ vars.GRAD_NAMESPACE }} on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows @@ -26,7 +26,6 @@ on: jobs: tag_image: name: Tag Image - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev @@ -35,32 +34,32 @@ jobs: SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - - name: Check out repository - uses: actions/checkout@v2 + - name: Check out repository + uses: actions/checkout@v2 - - name: Create tag - uses: actions/github-script@v5 - with: - script: | - github.rest.git.createRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: 'refs/tags/${{ github.event.inputs.version }}', - sha: context.sha - }) + - name: Create tag + uses: actions/github-script@v5 + with: + script: | + github.rest.git.createRef({ + owner: context.repo.owner, + repo: context.repo.repo, + ref: 'refs/tags/${{ github.event.inputs.version }}', + sha: context.sha + }) - - name: Install oc - uses: redhat-actions/openshift-tools-installer@v1 - with: - oc: 4 + - name: Install oc + uses: redhat-actions/openshift-tools-installer@v1 + with: + oc: 4 - # https://github.com/redhat-actions/oc-login#readme - - uses: actions/checkout@v2 - - name: Tag in OpenShift - run: | - set -eux - # Login to OpenShift and select project - oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} - oc project ${{ env.OPENSHIFT_NAMESPACE }} - - oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ github.event.inputs.version }} \ No newline at end of file + # https://github.com/redhat-actions/oc-login#readme + - uses: actions/checkout@v2 + - name: Tag in OpenShift + run: | + set -eux + # Login to OpenShift and select project + oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} + oc project ${{ env.OPENSHIFT_NAMESPACE }} + + oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ github.event.inputs.version }} \ No newline at end of file diff --git a/.github/workflows/deploy_prod.yml b/.github/workflows/deploy_prod.yml index 614d6805..ac004af5 100644 --- a/.github/workflows/deploy_prod.yml +++ b/.github/workflows/deploy_prod.yml @@ -4,17 +4,19 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-prod + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-prod + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-report-api-dc REPO_NAME: "educ-grad-graduation-report-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} - NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} TAG: "latest" - + BRANCH: "main" MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "256Mi" @@ -29,7 +31,6 @@ on: jobs: deploy-to-openshift-prod: name: Deploy to OpenShift PROD - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: prod @@ -62,11 +63,25 @@ jobs: oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ || true && echo "No rollout in progress" - oc tag ${{ env.NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-prod/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + oc tag ${{ env.GRAD_NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} \ + ${{ env.GRAD_NAMESPACE }}-prod/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} \ + -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + prod \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ diff --git a/.github/workflows/deploy_test.yml b/.github/workflows/deploy_test.yml index 6b6a9d82..94f14600 100644 --- a/.github/workflows/deploy_test.yml +++ b/.github/workflows/deploy_test.yml @@ -4,17 +4,19 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-test + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-test + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-report-api-dc REPO_NAME: "educ-grad-graduation-report-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} - NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} TAG: "latest" - + BRANCH: "main" MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "256Mi" @@ -29,7 +31,6 @@ on: jobs: deploy-to-openshift-test: name: Deploy to OpenShift TEST - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: test @@ -62,15 +63,29 @@ jobs: oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ || true && echo "No rollout in progress" - oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + oc tag ${{ env.GRAD_NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} \ + ${{ env.GRAD_NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} \ + -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + test \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ || true && echo "Rollout in progress" oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }} # Get status, returns 0 if rollout is successful - oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} \ No newline at end of file + oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 380f4416..a6fc8ac8 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -1,4 +1,4 @@ -name: API CI +name: API Build on: pull_request: @@ -11,6 +11,7 @@ jobs: quality_profile: runs-on: ubuntu-20.04 + defaults: run: working-directory: api @@ -52,8 +53,8 @@ jobs: - name: Run Sonar Analysis run: mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} - -Dsonar.host.url=https://sonarcloud.io - -Dsonar.organization=bcgov-sonarcloud - -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} + -Dsonar.host.url=${{ vars.SONAR_HOST_URL }} + -Dsonar.organization=${{ vars.SONAR_ORG }} + -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }} env: GITHUB_TOKEN: ${{ github.token }} diff --git a/tools/config/update-configmap.sh b/tools/config/update-configmap.sh new file mode 100644 index 00000000..bde28e8b --- /dev/null +++ b/tools/config/update-configmap.sh @@ -0,0 +1,69 @@ +########################################################### +#ENV VARS +########################################################### +envValue=$1 +APP_NAME=$2 +GRAD_NAMESPACE=$3 +COMMON_NAMESPACE=$4 +BUSINESS_NAMESPACE=$5 +SPLUNK_TOKEN=$6 +APP_LOG_LEVEL=$7 + +SPLUNK_URL="gww.splunk.educ.gov.bc.ca" +FLB_CONFIG="[SERVICE] + Flush 1 + Daemon Off + Log_Level info + HTTP_Server On + HTTP_Listen 0.0.0.0 + Parsers_File parsers.conf +[INPUT] + Name tail + Path /mnt/log/* + Exclude_Path *.gz,*.zip + Parser docker + Mem_Buf_Limit 20MB +[FILTER] + Name record_modifier + Match * + Record hostname \${HOSTNAME} +[OUTPUT] + Name stdout + Match absolutely_nothing_at_all + Log_Level off +[OUTPUT] + Name splunk + Match * + Host $SPLUNK_URL + Port 443 + TLS On + TLS.Verify Off + Message_Key $APP_NAME + Splunk_Token $SPLUNK_TOKEN +" +PARSER_CONFIG=" +[PARSER] + Name docker + Format json +" +########################################################### +#Setup for config-maps +########################################################### +echo Creating config map "$APP_NAME"-config-map +oc create -n "$GRAD_NAMESPACE"-"$envValue" configmap "$APP_NAME"-config-map \ + --from-literal=APP_LOG_LEVEL="$APP_LOG_LEVEL" \ + --from-literal=CONNECTION_TIMEOUT="60000" \ + --from-literal=GRAD_STUDENT_API="http://educ-grad-student-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_TRAX_API="http://educ-grad-trax-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=KEYCLOAK_TOKEN_URL="https://soam-$envValue.apps.silver.devops.gov.bc.ca/" \ + --from-literal=MAXIMUM_POOL_SIZE="30" \ + --from-literal=MAX_LIFETIME="600000" \ + --dry-run=client -o yaml | oc apply -f - +echo + +echo Creating config map "$APP_NAME"-flb-sc-config-map +oc create -n "$GRAD_NAMESPACE"-"$envValue" configmap "$APP_NAME"-flb-sc-config-map \ + --from-literal=fluent-bit.conf="$FLB_CONFIG" \ + --from-literal=parsers.conf="$PARSER_CONFIG" \ + --dry-run=client -o yaml | oc apply -f - +