review-app-create.yml
# Workflow-level settings for the per-PR review app: trigger, concurrency and
# the values shared by every job below.
name: review-app-create
# Display text only. The PR title is author-controlled, so it is safe here but
# must never be expanded directly inside a `run:` script.
run-name: 'Creating, updating or testing review app for PR "${{ github.event.pull_request.title }}"'

on:
  pull_request:
    types:
      - labeled
      - ready_for_review
      - synchronize
      - opened

# One group per PR and workflow: a newer run cancels the one still in progress.
concurrency:
  group: review-app-${{ github.event.pull_request.number }}-${{ github.workflow }}
  cancel-in-progress: true

# Every value here is built from the PR number, the commit SHA or a constant.
env:
  NAMESPACE: review-${{ github.event.pull_request.number }}-energy-apps
  HOST_NAME: review-${{ github.event.pull_request.number }}-energy-apps.qa.citizensadvice.org.uk
  IMAGE_TAG: dev_${{ github.sha }}
  CLUSTER: dev-eks-platform
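# NOTE(review): every `uses:` below references a mutable tag (@v1, @v3, @v4).
# These jobs hold an OIDC token, an AWS deployment role and repository secrets,
# so pin each action to a full commit SHA (`owner/action@<full-commit-sha>`)
# and keep the tag as a trailing comment for readability.
jobs:
  build:
    name: Build Image
    runs-on: ubuntu-22.04
    permissions:
      # id-token: write lets the job request an OIDC token, used to assume the
      # AWS role passed as role_arn below.
      id-token: write
      contents: read
      issues: read
    # This can be removed once tests are working. At the moment it just means that environments
    # are created and destroyed on every push for no reason.
    if: contains(github.event.pull_request.labels.*.name, 'Review app')
    steps:
      - name: Build and push to ECR
        uses: citizensadvice/build-and-private-ecr-push-action@v1
        with:
          dockerfile_context: "."
          repository_name: energy-apps
          multiarch_build: "disabled"
          role_arn: "arn:aws:iam::979633842206:role/EnergyAppsDeployment"
          auth_token: ${{ secrets.GITHUB_TOKEN }}
          prod_image: false

  deploy:
    name: Deploy Review Environment
    runs-on: ubuntu-22.04
    # Any protection rules or environment secrets configured for `dev` apply to
    # this job (that configuration is not visible in this file).
    environment:
      name: dev
    permissions:
      id-token: write
      contents: read
      # Write access is needed by the PR comment steps at the end of the job.
      issues: write
      pull-requests: write
    # Skipped whenever `build` is skipped, so the 'Review app' label gate on
    # `build` also gates the deployment.
    needs: build
    steps:
      - name: Git Checkout energy comparison table
        uses: actions/checkout@v4
        with:
          path: energy-apps
          # No later step runs git against the remote, so do not leave the
          # token in the checkout's .git/config.
          persist-credentials: false

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: "arn:aws:iam::979633842206:role/EnergyAppsDeployment"
          role-session-name: energy-apps-actions-workflow
          aws-region: eu-west-1

      - name: Get Kube Config
        run: aws eks update-kubeconfig --name=${{ env.CLUSTER }}

      - name: Create Sub-namespace
        # NAMESPACE is built from the PR number only, so expanding it into the
        # manifest here is not an injection vector.
        run: |
          kubectl apply -f - << EOF
          apiVersion: hnc.x-k8s.io/v1alpha2
          kind: SubnamespaceAnchor
          metadata:
            name: ${{ env.NAMESPACE }}
            namespace: "dev-energy-apps"
          EOF

      - name: Escape Characters
        id: escape_chars
        # The PR title is author-controlled. `${{ }}` is expanded into the
        # script text before the shell parses it, so the title is handed over
        # through the environment and only ever read as a quoted variable.
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "title=$(printf '%s' "$PR_TITLE" | tr -d ',')" >> "$GITHUB_OUTPUT"

      - name: Helm Deploy
        # Both values are passed as environment variables rather than expanded
        # into the script: the unquoted heredoc previously used for the secrets
        # let the shell expand `$` and backticks inside secret values, and the
        # title output is still derived from author-controlled text.
        # NOTE(review): toJson(secrets) hands every secret visible to this job
        # (the context also contains GITHUB_TOKEN) to the chart; prefer passing
        # only the named secrets the chart actually reads.
        # NOTE(review): only commas are stripped from the title; `helm --set`
        # has further syntax of its own, so confirm the remaining characters
        # are handled as intended.
        env:
          SECRETS_JSON: ${{ toJson(secrets) }}
          PR_TITLE: ${{ steps.escape_chars.outputs.title }}
        run: |
          # Owner-only file mode, and remove the secrets file when the step ends.
          umask 077
          trap 'rm -f secrets.json' EXIT
          printf '{\n"secrets": %s\n}\n' "$SECRETS_JSON" > secrets.json
          helm upgrade --install \
            --namespace=${{ env.NAMESPACE }} \
            --values energy-apps/.github/resources/preview-overrides.yaml \
            --values secrets.json \
            --set metadata.pullRequestNumber=${{ github.event.pull_request.number }} \
            --set metadata.pullRequestName="$PR_TITLE" \
            --set image.repository=979633842206.dkr.ecr.eu-west-1.amazonaws.com/energy-apps \
            --set image.tag=${{ env.IMAGE_TAG }} \
            --set env.URL_HOST=${{ env.HOST_NAME }} \
            --set env.IMAGE_TAG=${{ env.IMAGE_TAG }} \
            --set ingress.hostname=${{ env.HOST_NAME }} \
            --set minio.ingress.hostname=minio-${{ env.HOST_NAME }} \
            --set datadog.labels.env="pr-${{ github.event.pull_request.number }}" \
            ${{ env.NAMESPACE }} \
            energy-apps/infrastructure/app/chart/energy-apps

      - name: Find Comment
        uses: peter-evans/find-comment@v3
        id: find-comment
        if: contains(github.event.pull_request.labels.*.name, 'Review app')
        with:
          issue-number: ${{ github.event.pull_request.number }}
          comment-author: "github-actions[bot]"
          body-includes: A review app has been created in the Kubernetes namespace
          direction: last

      # Exactly one of the next two steps runs, depending on whether
      # find-comment returned an existing comment id.
      - name: Add New Comment
        uses: peter-evans/create-or-update-comment@v4
        if: steps.find-comment.outputs.comment-id == 0 && contains(github.event.pull_request.labels.*.name, 'Review app')
        with:
          issue-number: ${{ github.event.pull_request.number }}
          body: |
            A review app has been created in the Kubernetes namespace `${{ env.NAMESPACE }}` in the `${{ env.CLUSTER }}` cluster.
            It can be accessed at https://${{ env.HOST_NAME }}.
            On first-time startup the environment may take 15-20 minutes to become accessible.
            Tests are now running and can be viewed [here.](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
            To destroy the review app remove the label `Review app`, close this PR or convert it to draft.

      - name: Update Comment
        uses: peter-evans/create-or-update-comment@v4
        if: steps.find-comment.outputs.comment-id && contains(github.event.pull_request.labels.*.name, 'Review app')
        with:
          issue-number: ${{ github.event.pull_request.number }}
          edit-mode: replace
          comment-id: ${{ steps.find-comment.outputs.comment-id }}
          body: |
            A review app has been created in the Kubernetes namespace `${{ env.NAMESPACE }}` in the `${{ env.CLUSTER }}` cluster.
            It can be accessed at https://${{ env.HOST_NAME }}.
            Tests are now running and can be viewed [here.](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
            To destroy the review app remove the label `Review app`, close this PR or convert it to draft.
            ---
            Edit: A new version of the review app has been deployed based off the latest commit: [${{ github.event.pull_request.head.sha }}](https://github.com/citizensadvice/energy-comparison-table/pull/${{ github.event.pull_request.number }}/commits/${{ github.event.pull_request.head.sha }})

  trigger_destroy:
    # if: (contains(github.event.pull_request.labels.*.name, 'Review app') == false) || failure()
    # While tests are not enabled, we only want the destroy job to be triggered from this workflow
    # when a deployment fails, otherwise it will run the destroy job on every PR even when the
    # environment doesn't exist
    #
    # failure() at job level only looks at ancestor jobs. Without `needs` this
    # job has none, so the condition could never be true and a failed
    # deployment was never cleaned up. Depending on `deploy` also covers
    # `build`, which `deploy` itself needs.
    needs: deploy
    if: failure()
    # NOTE(review): `inherit` forwards every secret of this workflow to the
    # called workflow; declare and pass only the ones the destroy job uses.
    secrets: inherit
    uses: ./.github/workflows/review-app-destroy.yml
    with:
      pr_number: ${{ github.event.pull_request.number }}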