Skip to content

Commit

Permalink
feat: artifactory (#17)
Browse files Browse the repository at this point in the history
  • Loading branch information
@barrfalk
barrfalk authored Jan 10, 2024
1 parent ab8a920 commit b9e0b7c
Show file tree
Hide file tree
Showing 64 changed files with 12,227 additions and 4,810 deletions.
8 changes: 0 additions & 8 deletions .github/dependabot.yml
View file

This file was deleted.

132 changes: 132 additions & 0 deletions .github/workflows/.deploy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,132 @@
name: .Deploys

on:
workflow_call:
inputs:
### Required
release:
description: Deployment release; usually PR number, test or prod
required: true
type: string

### Typical / recommended
autoscaling:
description: Autoscaling enabled or not for the deployments
required: false
type: string
default: true
environment:
description: Environment name; omit for PRs
required: false
type: string
tag:
description: Container tag; usually PR number
required: false
type: string
default: ${{ github.event.number }}
triggers:
description: Paths to trigger a deploy; omit=always; e.g. ('backend/' 'frontend/')
required: false
type: string

### Usually a bad idea / not recommended
directory:
description: 'Chart directory'
default: 'charts/${{ github.event.repository.name }}'
required: false
type: string
timeout-minutes:
description: 'Timeout minutes'
default: 10
required: false
type: number
values:
description: 'Values file'
default: 'values.yaml'
required: false
type: string
params:
description: 'Extra parameters to pass to helm upgrade'
default: ''
required: false
type: string

env:
repo_release: ${{ github.event.repository.name }}-${{ inputs.release }}
package_tag: ${{ inputs.tag }}

jobs:
deploys:
name: Helm
environment: ${{ inputs.environment }}
runs-on: ubuntu-22.04
timeout-minutes: ${{ inputs.timeout-minutes }}
steps:
- uses: actions/checkout@v4
- name: Check Deployment Triggers
id: triggers
run: |
# Expand for trigger processing
# Always deploy if no triggers are provided
if [ -z "${{ inputs.triggers }}" ]; then
echo "Always deploy when no triggers are provided"
echo "triggered=true" >> $GITHUB_OUTPUT
exit 0
fi
# Deploy if changed files (git diff) match triggers
TRIGGERS=${{ inputs.triggers }}
git fetch origin ${{ github.event.repository.default_branch }}
while read -r check; do
for t in "${TRIGGERS[@]}"; do
if [[ "${check}" =~ "${t}" ]]; then
echo "Build triggered based on git diff"
echo -e "${t}\n --> ${check}"
echo "triggered=true" >> $GITHUB_OUTPUT
exit 0
fi
done
done < <(git diff origin/${{ github.event.repository.default_branch }} --name-only)
# If here skip deployment
echo "No triggers have fired, deployment skipped"
- name: Deploy if Triggers Fired
if: ${{ steps.triggers.outputs.triggered == 'true' }}
working-directory: ${{ inputs.directory }}
shell: bash
run: |
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.OC_NAMESPACE }} # Safeguard!
# Interrupt any previous jobs (status = pending-upgrade)
PREVIOUS=$(helm status ${{ env.repo_release }} -o json | jq .info.status || true)
if [[ ${PREVIOUS} =~ pending ]]; then
echo "Rollback triggered"
helm rollback ${{ env.repo_release }} || \
helm uninstall ${{ env.repo_release }}
fi
# Deploy Helm Chart
helm dependency update
helm package --app-version="${{ env.package_tag }}" --version=${{ inputs.tag }} .
helm upgrade \
--set global.autoscaling=${{ inputs.autoscaling }} \
--set-string global.repository=${{ github.repository }} \
--set-string global.secrets.databasePassword=${{ secrets.DB_PASSWORD }} \
--set-string backend.containers[0].tag="${{ env.package_tag }}" \
--set-string backend.initContainers[0].tag="${{ env.package_tag }}" \
--set-string frontend.containers[0].tag="${{ env.package_tag }}" \
${{ inputs.params }} \
--install --wait --atomic ${{ env.repo_release }} \
--timeout ${{ inputs.timeout-minutes }}m \
--values ${{ inputs.values }} \
./${{ github.event.repository.name }}-${{ inputs.tag }}.tgz
# print history
helm history ${{ env.repo_release }}
# Remove old build runs, build pods and deployment pods
oc delete po --field-selector=status.phase==Succeeded
132 changes: 132 additions & 0 deletions .github/workflows/.push-helm-chart.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,132 @@
name: .Deploys

on:
workflow_call:
inputs:
### Required
release:
description: Deployment release; usually PR number, test or prod
required: true
type: string

### Typical / recommended
autoscaling:
description: Autoscaling enabled or not for the deployments
required: false
type: string
default: true
environment:
description: Environment name; omit for PRs
required: false
type: string
tag:
description: Container tag; usually PR number
required: false
type: string
default: ${{ github.event.number }}
triggers:
description: Paths to trigger a deploy; omit=always; e.g. ('backend/' 'frontend/')
required: false
type: string

### Usually a bad idea / not recommended
directory:
description: 'Chart directory'
default: 'charts/${{ github.event.repository.name }}'
required: false
type: string
timeout-minutes:
description: 'Timeout minutes'
default: 10
required: false
type: number
values:
description: 'Values file'
default: 'values.yaml'
required: false
type: string
params:
description: 'Extra parameters to pass to helm upgrade'
default: ''
required: false
type: string

env:
repo_release: ${{ github.event.repository.name }}-${{ inputs.release }}
package_tag: ${{ inputs.tag }}

jobs:
deploys:
name: Helm
environment: ${{ inputs.environment }}
runs-on: ubuntu-22.04
timeout-minutes: ${{ inputs.timeout-minutes }}
steps:
- name: Checkout source repository
uses: actions/checkout@v2
with:
path: source-repo

- name: Clean up target repository directory
run: |
if [ -d "target-repo" ]; then
rm -rf target-repo
fi
- name: Setup SSH for Target Repository
run: |
mkdir -p ~/.ssh
echo "${{ secrets.MANIFEST_REPO_DEPLOY_KEY }}" > ~/.ssh/id_rsa
echo "${{ secrets.MANIFEST_REPO_DEPLOY_KEY_PUB }}" > ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa.pub
ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
- name: Checkout target repository using SSH
uses: actions/checkout@v2
with:
repository: ${{ vars.GITOPS_REPO}}
ssh-key: ${{ secrets.MANIFEST_REPO_DEPLOY_KEY }}
path: 'target-repo'

- name: Create or Checkout Existing Branch in Target Repository
run: |
cd target-repo
BRANCH_NAME="update-helm-chart-${{ env.package_tag }}"
git fetch origin
if git rev-parse --verify origin/$BRANCH_NAME; then
git checkout $BRANCH_NAME
git merge origin/$BRANCH_NAME -X ours
else
git checkout -b $BRANCH_NAME
fi
- name: Copy folder from source to target
run: |
if [ -d "source-repo/charts" ]; then
mkdir -p target-repo/helm-chart
cp -r source-repo/charts/nr-compliance-enforcement-cm/* target-repo/helm-chart/
else
echo "Directory 'charts' does not exist in source repository"
exit 1
fi
- name: Commit and Push changes
run: |
cd target-repo
git config --global user.name "${{ vars.GLOBAL_USER}}"
git config --global user.email "${{ vars.GLOBAL_EMAIL}}"
git add .
git commit -m "update helm chart ${{ inputs.tag }}" || true # Avoids failure if there's nothing to commit
git push --set-upstream origin update-helm-chart-${{ inputs.tag }}
- name: Create Pull Request via GitHub API
env:
GITHUB_TOKEN: ${{ secrets.GITOPS_PAT }}
run: |
curl \
-X POST \
-H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${{ vars.GITOPS_REPO }}/pulls \
-d "{\"title\": \"Update Helm Chart\", \"head\": \"update-helm-chart-${{ inputs.tag }}\", \"base\": \"main\", \"body\": \"Automated update of Helm chart\"}"
74 changes: 74 additions & 0 deletions .github/workflows/.tests.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
name: .Tests

on:
workflow_call:
inputs:
### Required
target:
description: PR number, test or prod
required: true
type: string

jobs:
integration-tests:
name: Integration Tests
runs-on: ubuntu-22.04
timeout-minutes: 1
steps:
- uses: actions/checkout@v4
- id: cache-npm
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-build-cache-node-modules-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-cache-node-modules-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Integration tests
env:
API_NAME: nest
BASE_URL: https://${{ github.event.repository.name }}-${{ inputs.target }}-frontend.apps.silver.devops.gov.bc.ca
run: |
cd integration-tests
npm ci
node src/main.js
cypress-e2e:
name: E2E Tests
runs-on: ubuntu-22.04
defaults:
run:
working-directory: frontend
strategy:
matrix:
browser: [chrome, firefox, edge]
timeout-minutes: 5
steps:
- uses: actions/checkout@v4
- id: cache-npm
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-build-cache-node-modules-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-cache-node-modules-
${{ runner.os }}-build-
${{ runner.os }}-
- uses: cypress-io/github-action@v6
name: Cypress run
env:
CYPRESS_baseUrl: https://${{ github.event.repository.name }}-${{ inputs.target }}-frontend.apps.silver.devops.gov.bc.ca/
with:
config: pageLoadTimeout=10000
working-directory: ./frontend
browser: ${{ matrix.browser }}

- uses: actions/upload-artifact@v3
if: failure()
with:
name: cypress-screenshots
path: ./cypress/screenshots
if-no-files-found: ignore # 'warn' or 'error' are also available, defaults to `warn`
Loading

0 comments on commit b9e0b7c

Please sign in to comment.