Skip to content

Deploy cirras-underwriting-api to qa #316

Deploy cirras-underwriting-api to qa

Deploy cirras-underwriting-api to qa #316

name: openshift deploy
run-name: Deploy ${{ inputs.MICROSERVICE_NAME }} to ${{ inputs.ENVIRONMENT_NAME}}
on:
workflow_dispatch:
inputs:
MICROSERVICE_NAME:
required: true
type: choice
options:
- cirras-underwriting-api
- cirras-underwriting-ui
- cirras-underwriting-jasper
ENVIRONMENT_NAME:
required: true
type: choice
options:
- dev
- qa
- dlvr
- test
- prod
NAMESPACE:
required: true
type: choice
options:
- a12541-dev
- a12541-test
- a12541-prod
TAG:
required: false
type: string
default: latest
workflow_call:
inputs:
MICROSERVICE_NAME:
required: true
type: string
ENVIRONMENT_NAME:
required: true
type: string
NAMESPACE:
required: true
type: string
TAG:
required: true
type: string
default: latest
jobs:
build:
runs-on: ubuntu-latest
environment:
name: ${{ inputs.ENVIRONMENT_NAME }}
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Copy openshift yaml files
run: mkdir staging && cp openshift/${{ inputs.MICROSERVICE_NAME }}*.yaml staging/
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ${{ vars.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: update IMAGE NAME variable if needed
id: updateImageName
run: |
export IMAGE_NAME="$([ "${{inputs.MICROSERVICE_NAME}}" == "cirras-underwriting-ui" ] && echo 'cirras-underwriting-war' || echo 'cirras-underwriting-api')"
echo "IMAGE_NAME=$IMAGE_NAME" >> $GITHUB_OUTPUT
- name: Get digest of docker image
id: getDigest
if: ${{ inputs.MICROSERVICE_NAME != 'cirras-underwriting-jasper'}}
run: |
export IMAGE='ghcr.io/${{github.repository_owner}}/${{ steps.updateImageName.outputs.IMAGE_NAME}}:${{ inputs.TAG }}'
docker pull $IMAGE
echo "IMAGE_BY_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' $IMAGE)" >> $GITHUB_OUTPUT
- name: Fill yaml files
uses: cschleiden/[email protected]
with:
files: staging/**.yaml
env:
#Common variables
LICENSE_PLATE: 'a12541'
#Vault path is different for prod than all other environments
VAULT_RESOURCE: ${{ inputs.NAMESPACE == 'a12541-prod' && 'prod' || 'nonprod' }}
ENV: ${{ inputs.ENVIRONMENT_NAME }}
NAMESPACE: ${{ inputs.NAMESPACE }}
TAG: ${{ inputs.TAG }}
IMAGE_BY_DIGEST: ${{ steps.getDigest.outputs.IMAGE_BY_DIGEST }}
SID: ${{ github.run_id }}
LOG_LEVEL: ${{ vars.LOG_LEVEL }}
CONNECTION_TIMEOUT: ${{ vars.CONNECTION_TIMEOUT }}
WEBADE_CHECK_CLIENT_TOKEN_URL: ${{ vars.WEBADE_CHECK_CLIENT_TOKEN_URL }}
WEBADE_CHECK_API_TOKEN_URL: ${{ vars.WEBADE_CHECK_API_TOKEN_URL }}
WEBADE_GET_API_TOKEN_URL: ${{ vars.WEBADE_GET_API_TOKEN_URL }}
WEBADE_GET_CLIENT_TOKEN_URL: ${{ vars.WEBADE_GET_CLIENT_TOKEN_URL }}
POSTGRES_USERNAME: ${{ vars.POSTGRES_USERNAME}}
#API variables
API_CPU_REQUEST: ${{ vars.API_CPU_REQUEST }}
API_CPU_LIMIT: ${{ vars.API_CPU_LIMIT }}
API_MEMORY_REQUEST: ${{ vars.API_MEMORY_REQUEST }}
API_MEMORY_LIMIT: ${{ vars.API_MEMORY_LIMIT }}
MAX_API_COUNT: ${{ vars.MAX_APP_COUNT }}
POSTGRES_RESOURCE_NAME: ${{ vars.POSTGRES_RESOURCE_NAME }}
TOMCAT_MAX_THREADS: ${{ vars.TOMCAT_MAX_THREADS }}
TOMCAT_PORT: ${{ vars.TOMCAT_PORT }}
TIME_ZONE: ${{ vars.TIME_ZONE }}
CIRRAS_POLICIES_API_URL: ${{ vars.CIRRAS_POLICIES_API_URL}}
CIRRAS_UNDERWRITING_REST_CLIENT_ID: ${{ vars.CIRRAS_UNDERWRITING_REST_CLIENT_ID }}
WEBADE_USERNAME: ${{ vars.WEBADE_USERNAME }}
WEBADE_MAXACTIVE: ${{ vars.WEBADE_MAXACTIVE }}
#DB/Liquibase variables:
POSTGRES_MAXACTIVE: '10'
CHANGELOG_FILE: changelog.json
#Frontend variables
MAX_UI_COUNT: ${{ vars.MAX_UI_COUNT }}
BASE_URL: https://cirras-underwriting-ui-route-${{ inputs.ENVIRONMENT_NAME }}-${{inputs.NAMESPACE}}.apps.silver.devops.gov.bc.ca/pub/cirras-underwriting/
CIRRAS_UNDERWRITING_REST_URI: https://cirras-underwriting-api-route-${{ inputs.ENVIRONMENT_NAME }}-${{inputs.NAMESPACE}}.apps.silver.devops.gov.bc.ca/cirras-underwriting-api/v1
ACTIVE_PORT: ${{ vars.TOMCAT_PORT }}
LOCAL_CHECKTOKEN_ENDPOINT: ${{ vars.LOCAL_CHECKTOKEN_ENDPOINT }}
WEBADE_OAUTH2_ENABLE_CHECKTOKEN: 'true'
WEBADE_OAUTH2_AUTHORIZE_URL: ${{ vars.WEBADE_OAUTH2_AUTHORIZE_URL }}
WEBADE_OAUTH2_SITEMINDER_URL: ${{ vars.WEBADE_OAUTH2_SITEMINDER_URL }}
WEBADE_OAUTH2_SCOPES: ${{ vars.WEBADE_OAUTH2_SCOPES }}
WEB_PATH: ${{ vars.WEB_PATH }}
#Jasper variables
JASPER_URL: cirras-underwriting-jasper-${{ inputs.ENVIRONMENT_NAME }}-${{ inputs.NAMESPACE }}.apps.silver.devops.gov.bc.ca
JASPER_USERNAME: ${{ vars.JASPER_USERNAME }}
JASPER_CPU_REQUEST: ${{ vars.JASPER_CPU_REQUEST }}
JASPER_CPU_LIMIT: ${{ vars.JASPER_CPU_LIMIT }}
JASPER_MEMORY_REQUEST: ${{ vars.JASPER_MEMORY_REQUEST }}
JASPER_MEMORY_LIMIT: ${{ vars.JASPER_MEMORY_LIMIT }}
ALLOW_EMPTY_PASSWORD: true
JASPERREPORTS_DATABASE_NAME: jasper${{ inputs.ENVIRONMENT_NAME }}
JASPERREPORTS_UI_USER: ${{ vars.JASPER_USERNAME }}
JASPER_STORAGE_CAPACITY: 25Mi
MARIADB_MAX_LOG_BYTES: ${{ vars.MARIADB_MAX_LOG_BYTES }}
#Explicit install of oc cli tool
- name: Install oc
uses: redhat-actions/oc-installer@v1
- name: Authenticate and set context
uses: redhat-actions/oc-login@v1
with:
openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL}}
openshift_token: ${{secrets.OPENSHIFT_TOKEN}}
namespace: ${{ inputs.NAMESPACE }}
- name: Apply .yaml files to openshift
run: |
for file in staging/*
do
oc apply -f "$file"
done