Merge pull request #4612 from bcgov/renovate/alpine-3.x #2125
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 01.Deploy Dev Environment | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- app/** | |
- helm/** | |
- localdev/nats-provision/** | |
- data-migrations/** | |
- .github/workflows/deploy-dev.yml | |
env: | |
GITHUB_REGISTRY: ghcr.io | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
permissions: | |
packages: write | |
contents: write | |
security-events: write | |
jobs: | |
build-push-app: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Setup Tools | |
uses: ./.github/actions/setup-tools | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc | |
docker-context: . | |
docker-file: app/Dockerfile | |
docker-args: | | |
deployment_tag=${{ github.sha }} | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
build-push-pre-prisma: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Setup Tools | |
uses: ./.github/actions/setup-tools | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc-pre-prisma | |
docker-context: app | |
docker-file: app/Dockerfile.db | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
build-push-pre-data-migrations: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Setup Tools | |
uses: ./.github/actions/setup-tools | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc-pre-data-migrations | |
docker-context: data-migrations | |
docker-file: data-migrations/Dockerfile | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
build-push-email: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Setup Tools | |
uses: ./.github/actions/setup-tools | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc-email | |
docker-context: . | |
docker-file: app/Dockerfile.email | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
build-push-m365proxy: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 5 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc-localdev-m365proxy | |
docker-context: localdev/m365proxy | |
docker-file: localdev/m365proxy/Dockerfile | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
build-push-nats-provision: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Setup Tools | |
uses: ./.github/actions/setup-tools | |
- name: Build and Push | |
uses: egose/actions/docker-build-push@401f2efdfeb6d63914aa3b87d90c88d04dbf58f9 | |
with: | |
registry-url: ${{ env.GITHUB_REGISTRY }} | |
registry-username: ${{ github.actor }} | |
registry-password: ${{ secrets.GITHUB_TOKEN }} | |
image-name: bcgov/pltsvc-localdev-nats-provision | |
docker-context: localdev | |
docker-file: localdev/nats-provision/Dockerfile | |
metadata-tags: | | |
type=ref,event=branch | |
type=sha,format=long,prefix=,suffix= | |
deploy: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 5 | |
permissions: | |
contents: read | |
environment: | |
name: dev | |
url: https://dev-pltsvc.apps.silver.devops.gov.bc.ca | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Authenticate and set context | |
uses: redhat-actions/oc-login@dfbd9912672664f9df2023c1c16e07bcf306043c | |
with: | |
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
namespace: ${{ vars.OPENSHIFT_NAMESPACE }} | |
insecure_skip_tls_verify: true | |
- name: Deploy apps with Helm chart | |
run: | | |
make upgrade NAMESPACE=${{ vars.OPENSHIFT_NAMESPACE }} IMAGE_TAG=${{ github.sha }} | |
kubectl rollout status deployment/pltsvc-app | |
working-directory: ./helm/main | |
- name: Notify RocketChat on Failure | |
if: failure() | |
uses: ./.github/actions/rocketchat-notification | |
with: | |
webhook-url: ${{ secrets.ROCKETCHAT_WEBHOOK_URL }} | |
data: | | |
{ | |
"text": ":warning: Deployment to Dev failed! [Investigate here](https://github.com/bcgov/platform-services-registry/)" | |
} | |
scan-app: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc:${{ github.sha }} | |
scan-pre-prisma: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc-pre-prisma:${{ github.sha }} | |
scan-pre-data-migrations: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc-pre-data-migrations:${{ github.sha }} | |
scan-email: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc-email:${{ github.sha }} | |
scan-m365proxy: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc-localdev-m365proxy:${{ github.sha }} | |
scan-nats-provision: | |
needs: [build-push-app, build-push-pre-prisma, build-push-pre-data-migrations, build-push-email, build-push-m365proxy, build-push-nats-provision] | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
steps: | |
- uses: hmarr/debug-action@f7318c783045ac39ed9bb497e22ce835fdafbfe6 | |
- uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb | |
- name: Scan image | |
uses: ./.github/actions/scan-docker-image | |
with: | |
image: ${{ env.GITHUB_REGISTRY }}/bcgov/pltsvc-localdev-nats-provision:${{ github.sha }} |