diff --git a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml index 381a3cdf..0de13d7f 100644 --- a/.github/workflows/build.from.developer.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.developer.branch.deploy.to.dev.yml @@ -1,4 +1,4 @@ -name: Build & Deploy to DEV from Developer branch +name: Build & Deploy to DEV from Developer Branch env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. @@ -6,8 +6,10 @@ env: # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - # secrets.GRAD_BUSINESS_NAMESPACE to change in GH Secrets to the e8a*** namespace, currently 77c*** - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ secrets.COMMON_NAMESPACE }} + NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -16,12 +18,11 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote REPO_NAME: "educ-grad-graduation-api" APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + BRANCH: "main" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "600Mi" @@ -41,7 +42,9 @@ on: - develop/chris - develop/jinil - develop/km - + - develop/mchintha + - grad-hotfix + jobs: openshift-ci-cd: name: Build and deploy to OpenShift DEV from Developer branch @@ -49,9 +52,9 @@ jobs: runs-on: ubuntu-20.04 environment: dev - #outputs: - #ROUTE: ${{ steps.deploy-and-expose.outputs.route }} - #SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} + #outputs: + #ROUTE: ${{ steps.deploy-and-expose.outputs.route }} + #SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - name: Check out repository @@ -67,8 +70,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -116,8 +119,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ github.event.inputs.choice }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -130,4 +146,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' diff --git a/.github/workflows/build.from.main.branch.deploy.to.dev.yml b/.github/workflows/build.from.main.branch.deploy.to.dev.yml index cbd2ea8c..877b114c 100644 --- a/.github/workflows/build.from.main.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.main.branch.deploy.to.dev.yml @@ -4,10 +4,12 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - # secrets.GRAD_BUSINESS_NAMESPACE to change in GH Secrets to the e8a*** namespace, currently 77c*** - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -16,12 +18,11 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote REPO_NAME: "educ-grad-graduation-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + BRANCH: "main" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "600Mi" @@ -36,14 +37,9 @@ on: jobs: openshift-ci-cd: name: Build and deploy to OpenShift DEV - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev - #outputs: - #ROUTE: ${{ steps.deploy-and-expose.outputs.route }} - #SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} - steps: - name: Check out repository uses: actions/checkout@v3 @@ -56,8 +52,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -105,8 +101,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -119,4 +128,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' \ No newline at end of file diff --git a/.github/workflows/build.from.release.branch.deploy.to.dev.yml b/.github/workflows/build.from.release.branch.deploy.to.dev.yml index 78306b0e..3a5e978b 100644 --- a/.github/workflows/build.from.release.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.release.branch.deploy.to.dev.yml @@ -4,10 +4,12 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - # secrets.GRAD_BUSINESS_NAMESPACE to change in GH Secrets to the e8a*** namespace, currently 77c*** - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} # 🖊️ EDIT to change the image registry settings. # Registries such as GHCR, Quay.io, and Docker Hub are supported. @@ -16,12 +18,10 @@ env: IMAGE_REGISTRY_PASSWORD: ${{ github.token }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-api-dc - DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote - REPO_NAME: "educ-grad-graduation-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + BRANCH: "grad-release" TAG: "latest" - #GRAD2-1947 Resource optmization MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "600Mi" @@ -42,7 +42,6 @@ on: jobs: openshift-ci-cd: name: Build and deploy to OpenShift DEV from release branch - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev @@ -60,8 +59,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - registry: ${{ env.DOCKER_ARTIFACTORY_REPO }} - username: ${{ secrets.DOCKER_ARTIFACTORY_USERNAME }} + registry: ${{ vars.DOCKER_ARTIFACTORY_REPO }} + username: ${{ vars.DOCKER_ARTIFACTORY_USERNAME }} password: ${{ secrets.DOCKER_ARTIFACTORY_ACCESS_TOKEN }} # https://github.com/redhat-actions/buildah-build#readme @@ -109,8 +108,21 @@ jobs: oc -n ${{ env.OPENSHIFT_NAMESPACE }} tag ${{ steps.push-image.outputs.registry-path }} ${{ env.REPO_NAME }}:${{ env.TAG }} # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ env.TAG }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} \ + -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + dev \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} # Start rollout (if necessary) and follow it oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ @@ -123,4 +135,4 @@ jobs: - name: ZAP Scan uses: zaproxy/action-api-scan@v0.1.0 with: - target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' + target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs' \ No newline at end of file diff --git a/.github/workflows/create_tag.yml b/.github/workflows/create_tag.yml index a5f772ab..701fd794 100644 --- a/.github/workflows/create_tag.yml +++ b/.github/workflows/create_tag.yml @@ -4,16 +4,16 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }}-dev + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-dev # 🖊️ EDIT to specify custom tags for the container image, or default tags will be generated below. IMAGE_TAGS: "" REPO_NAME: "educ-grad-graduation-api" BRANCH: "master" - NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }} + NAMESPACE: ${{ vars.GRAD_NAMESPACE }} on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows @@ -26,7 +26,6 @@ on: jobs: tag_image: name: Tag Image - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: dev @@ -35,32 +34,32 @@ jobs: SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - - name: Check out repository - uses: actions/checkout@v2 + - name: Check out repository + uses: actions/checkout@v2 - - name: Create tag - uses: actions/github-script@v5 - with: - script: | - github.rest.git.createRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: 'refs/tags/${{ github.event.inputs.version }}', - sha: context.sha - }) + - name: Create tag + uses: actions/github-script@v5 + with: + script: | + github.rest.git.createRef({ + owner: context.repo.owner, + repo: context.repo.repo, + ref: 'refs/tags/${{ github.event.inputs.version }}', + sha: context.sha + }) - - name: Install oc - uses: redhat-actions/openshift-tools-installer@v1 - with: - oc: 4 + - name: Install oc + uses: redhat-actions/openshift-tools-installer@v1 + with: + oc: 4 - # https://github.com/redhat-actions/oc-login#readme - - uses: actions/checkout@v2 - - name: Tag in OpenShift - run: | - set -eux - # Login to OpenShift and select project - oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} - oc project ${{ env.OPENSHIFT_NAMESPACE }} - - oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ github.event.inputs.version }} + # https://github.com/redhat-actions/oc-login#readme + - uses: actions/checkout@v2 + - name: Tag in OpenShift + run: | + set -eux + # Login to OpenShift and select project + oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} + oc project ${{ env.OPENSHIFT_NAMESPACE }} + + oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:latest ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ github.event.inputs.version }} diff --git a/.github/workflows/deploy_prod.yml b/.github/workflows/deploy_prod.yml index 552c1cf8..7c3a3839 100644 --- a/.github/workflows/deploy_prod.yml +++ b/.github/workflows/deploy_prod.yml @@ -4,18 +4,19 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_NAMESPACE }}-prod + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-prod + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-api-dc REPO_NAME: "educ-grad-graduation-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} - NAMESPACE: ${{ secrets.GRAD_NAMESPACE }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} TAG: "latest" - - #GRAD2-1947 Resource optmization + BRANCH: "main" MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "600Mi" @@ -23,7 +24,6 @@ env: MIN_REPLICAS: "3" MAX_REPLICAS: "7" - on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows workflow_dispatch: @@ -31,7 +31,6 @@ on: jobs: deploy-to-openshift-prod: name: Deploy to OpenShift PROD - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: prod @@ -40,39 +39,53 @@ jobs: SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - - name: Check out repository - uses: actions/checkout@v2 - - - name: Get latest tag - uses: actions-ecosystem/action-get-latest-tag@v1 - id: get-latest-tag - - - name: Install oc - uses: redhat-actions/openshift-tools-installer@v1 - with: - oc: 4 - - # https://github.com/redhat-actions/oc-login#readme - - uses: actions/checkout@v2 - - name: Deploy - run: | - set -eux - # Login to OpenShift and select project - oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} - oc project ${{ env.OPENSHIFT_NAMESPACE }} - # Cancel any rollouts in progress - oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ - || true && echo "No rollout in progress" + - name: Check out repository + uses: actions/checkout@v2 - oc tag ${{ env.NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-prod/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + - name: Get latest tag + uses: actions-ecosystem/action-get-latest-tag@v1 + id: get-latest-tag - # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + - name: Install oc + uses: redhat-actions/openshift-tools-installer@v1 + with: + oc: 4 - # Start rollout (if necessary) and follow it - oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ - || true && echo "Rollout in progress" - oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }} - # Get status, returns 0 if rollout is successful - oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} + # https://github.com/redhat-actions/oc-login#readme + - uses: actions/checkout@v2 + - name: Deploy + run: | + set -eux + # Login to OpenShift and select project + oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} + oc project ${{ env.OPENSHIFT_NAMESPACE }} + # Cancel any rollouts in progress + oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ + || true && echo "No rollout in progress" + + oc tag ${{ env.GRAD_NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} \ + ${{ env.GRAD_NAMESPACE }}-prod/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + + # Process and apply deployment template + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} \ + -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + prod \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} + + # Start rollout (if necessary) and follow it + oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ + || true && echo "Rollout in progress" + oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }} + # Get status, returns 0 if rollout is successful + oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} diff --git a/.github/workflows/deploy_test.yml b/.github/workflows/deploy_test.yml index 2d7b88ef..b6110d15 100644 --- a/.github/workflows/deploy_test.yml +++ b/.github/workflows/deploy_test.yml @@ -4,18 +4,19 @@ env: # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context. # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values. # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions - OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} + OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }} OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} - OPENSHIFT_NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }}-test + OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-test + COMMON_NAMESPACE: ${{ vars.COMMON_NAMESPACE }} + BUSINESS_NAMESPACE: ${{ vars.GRAD_BUSINESS_NAMESPACE }} SPRING_BOOT_IMAGE_NAME: educ-grad-graduation-api-dc REPO_NAME: "educ-grad-graduation-api" - APP_DOMAIN: ${{ secrets.APP_DOMAIN }} - NAMESPACE: ${{ secrets.GRAD_BUSINESS_NAMESPACE }} + APP_DOMAIN: ${{ vars.APP_DOMAIN }} + GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }} TAG: "latest" - - #GRAD2-1947 Resource optmization + BRANCH: "main" MIN_CPU: "20m" MAX_CPU: "120m" MIN_MEM: "600Mi" @@ -23,7 +24,6 @@ env: MIN_REPLICAS: "3" MAX_REPLICAS: "7" - on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows workflow_dispatch: @@ -31,7 +31,6 @@ on: jobs: deploy-to-openshift-test: name: Deploy to OpenShift TEST - # ubuntu-20.04 can also be used. runs-on: ubuntu-20.04 environment: test @@ -40,39 +39,53 @@ jobs: SELECTOR: ${{ steps.deploy-and-expose.outputs.selector }} steps: - - name: Check out repository - uses: actions/checkout@v2 - - - name: Get latest tag - uses: actions-ecosystem/action-get-latest-tag@v1 - id: get-latest-tag - - - name: Install oc - uses: redhat-actions/openshift-tools-installer@v1 - with: - oc: 4 - - # https://github.com/redhat-actions/oc-login#readme - - uses: actions/checkout@v2 - - name: Deploy - run: | - set -eux - # Login to OpenShift and select project - oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} - oc project ${{ env.OPENSHIFT_NAMESPACE }} - # Cancel any rollouts in progress - oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ - || true && echo "No rollout in progress" + - name: Check out repository + uses: actions/checkout@v2 - oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + - name: Get latest tag + uses: actions-ecosystem/action-get-latest-tag@v1 + id: get-latest-tag - # Process and apply deployment template - oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \ - | oc apply -f - + - name: Install oc + uses: redhat-actions/openshift-tools-installer@v1 + with: + oc: 4 - # Start rollout (if necessary) and follow it - oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ - || true && echo "Rollout in progress" - oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }} - # Get status, returns 0 if rollout is successful - oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} + # https://github.com/redhat-actions/oc-login#readme + - uses: actions/checkout@v2 + - name: Deploy + run: | + set -eux + # Login to OpenShift and select project + oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }} + oc project ${{ env.OPENSHIFT_NAMESPACE }} + # Cancel any rollouts in progress + oc rollout cancel dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ + || true && echo "No rollout in progress" + + oc tag ${{ env.GRAD_NAMESPACE }}-dev/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} \ + ${{ env.GRAD_NAMESPACE }}-test/${{ env.REPO_NAME }}:${{ steps.get-latest-tag.outputs.tag }} + + # Process and apply deployment template + oc process -f tools/openshift/api.dc.yaml -p IS_NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p REPO_NAME=${{ env.REPO_NAME }} \ + -p TAG_NAME=${{ steps.get-latest-tag.outputs.tag }} -p HOST_ROUTE=${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.${{ env.APP_DOMAIN }} \ + -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} \ + -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f - + + # UPDATE Configmaps + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \ + | bash /dev/stdin \ + test \ + ${{ env.REPO_NAME }} \ + ${{ env.GRAD_NAMESPACE }} \ + ${{ env.COMMON_NAMESPACE }} \ + ${{ env.BUSINESS_NAMESPACE }} \ + ${{ secrets.SPLUNK_TOKEN }} \ + ${{ vars.APP_LOG_LEVEL }} + + # Start rollout (if necessary) and follow it + oc rollout latest dc/${{ env.SPRING_BOOT_IMAGE_NAME }} 2> /dev/null \ + || true && echo "Rollout in progress" + oc logs -f dc/${{ env.SPRING_BOOT_IMAGE_NAME }} + # Get status, returns 0 if rollout is successful + oc rollout status dc/${{ env.SPRING_BOOT_IMAGE_NAME }} diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 6608dab2..a6fc8ac8 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -1,4 +1,4 @@ -name: API CI +name: API Build on: pull_request: @@ -53,8 +53,8 @@ jobs: - name: Run Sonar Analysis run: mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} - -Dsonar.host.url=https://sonarcloud.io - -Dsonar.organization=bcgov-sonarcloud - -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} + -Dsonar.host.url=${{ vars.SONAR_HOST_URL }} + -Dsonar.organization=${{ vars.SONAR_ORG }} + -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }} env: GITHUB_TOKEN: ${{ github.token }} diff --git a/README.md b/README.md index 291eac12..c7612e1e 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![img](https://img.shields.io/badge/Lifecycle-Experimental-339999)](https://github.com/bcgov/repomountie/blob/master/doc/lifecycle-badges.md)   +[![img](https://img.shields.io/badge/Lifecycle-Stable-97ca00)](https://github.com/bcgov/repomountie/blob/master/doc/lifecycle-badges.md)   [![Build](https://github.com/bcgov/EDUC-GRAD-GRADUATION-API/actions/workflows/on.pr.yml/badge.svg)](https://github.com/bcgov/EDUC-GRAD-GRADUATION-API/actions/workflows/on.pr.yml)   [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=bcgov_EDUC-GRAD-GRADUATION-API&metric=bugs)](https://sonarcloud.io/summary/new_code?id=bcgov_EDUC-GRAD-GRADUATION-API)   [![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=bcgov_EDUC-GRAD-GRADUATION-API&metric=code_smells)](https://sonarcloud.io/summary/new_code?id=bcgov_EDUC-GRAD-GRADUATION-API)   diff --git a/tools/config/update-configmap.sh b/tools/config/update-configmap.sh new file mode 100644 index 00000000..bbd79c5b --- /dev/null +++ b/tools/config/update-configmap.sh @@ -0,0 +1,74 @@ +########################################################### +#ENV VARS +########################################################### +envValue=$1 +APP_NAME=$2 +GRAD_NAMESPACE=$3 +COMMON_NAMESPACE=$4 +BUSINESS_NAMESPACE=$5 +SPLUNK_TOKEN=$6 +APP_LOG_LEVEL=$7 + +SPLUNK_URL="gww.splunk.educ.gov.bc.ca" +FLB_CONFIG="[SERVICE] + Flush 1 + Daemon Off + Log_Level info + HTTP_Server On + HTTP_Listen 0.0.0.0 + Parsers_File parsers.conf +[INPUT] + Name tail + Path /mnt/log/* + Exclude_Path *.gz,*.zip + Parser docker + Mem_Buf_Limit 20MB +[FILTER] + Name record_modifier + Match * + Record hostname \${HOSTNAME} +[OUTPUT] + Name stdout + Match absolutely_nothing_at_all + Log_Level off +[OUTPUT] + Name splunk + Match * + Host $SPLUNK_URL + Port 443 + TLS On + TLS.Verify Off + Message_Key $APP_NAME + Splunk_Token $SPLUNK_TOKEN +" +PARSER_CONFIG=" +[PARSER] + Name docker + Format json +" +########################################################### +#Setup for config-maps +########################################################### +echo Creating config map "$APP_NAME"-config-map +oc create -n "$GRAD_NAMESPACE"-"$envValue" configmap "$APP_NAME"-config-map \ + --from-literal=APP_LOG_LEVEL="$APP_LOG_LEVEL" \ + --from-literal=EDUC_SCHOOL_API="http://school-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=ENABLE_SPLUNK_LOG_HELPER="true" \ + --from-literal=GRAD_ALGORITHM_API="http://educ-grad-algorithm-api.$BUSINESS_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_GRADUATION_REPORT_API="http://educ-grad-graduation-report-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_PROGRAM_API="http://educ-grad-program-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_REPORT_API="http://educ-grad-report-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_STUDENT_API="http://educ-grad-student-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_STUDENT_GRADUATION_API="http://educ-grad-student-graduation-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=GRAD_TRAX_API="http://educ-grad-trax-api.$GRAD_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --from-literal=KEYCLOAK_TOKEN_URL="https://soam-$envValue.apps.silver.devops.gov.bc.ca/" \ + --from-literal=PEN_API="http://student-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/" \ + --dry-run=client -o yaml | oc apply -f - +echo + +echo Creating config map "$APP_NAME"-flb-sc-config-map +oc create -n "$GRAD_NAMESPACE"-"$envValue" configmap "$APP_NAME"-flb-sc-config-map \ + --from-literal=fluent-bit.conf="$FLB_CONFIG" \ + --from-literal=parsers.conf="$PARSER_CONFIG" \ + --dry-run=client -o yaml | oc apply -f - +