Merge pull request #4 from mozilla-it/OPST-790

Opst 790
mozilla-it · Oct 19, 2022 · 33b4315 · 33b4315
2 parents 146b1d2 + 01c5f68
commit 33b4315
Showing 1 changed file with 30 additions and 24 deletions.
diff --git a/action.yaml b/action.yaml
@@ -7,6 +7,12 @@ author: Mozilla
 description: Obtain credentials for GKE cluster & install Helm chart
 
 inputs:
+  app_name:
+    description: Name of tenant app to deploy to, e.g. testapp1
+    required: true
+  image_tag:
+    description: Name of the image tag
+    required: true
   infra_repo:
     description: Infrastructure repository contain Helm charts, e.g. mozilla/helm-charts
     required: true
@@ -17,9 +23,6 @@ inputs:
   infra_repo_ssh_key:
     description: SSH key with permissions to checkout infrastructure repository, typically a deploy key
     required: true
-  app_name:
-    description: Name of tenant app to deploy to, e.g. testapp1
-    required: true
   env_name:
     description: Name of tenant env to deploy to, e.g. dev
     required: true
@@ -45,6 +48,10 @@ inputs:
   helm_chart_path:
     description: Helm chart path within infrastructure repository , e.g. testapp1/k8s/testapp1/
     required: true
+  helm_values:
+    description: Helm values specified with '--set' flag value, e.g. "--set 'foo.bar=value'"
+    required: false
+    default: ""
   helm_value_files:
     description: Helm chart value files within the infrastructure repository specified with "-f" flag value, e.g. "-f values-dev.yaml -f values-dev-additional.yaml", defaults to "-f values-$env_name.yaml"
     required: false
@@ -57,50 +64,45 @@ inputs:
 runs:
   using: composite
   steps:
-    - id: checkout-deploy-repo
-      uses: actions/checkout@v3
-      with:
-        path: deploy
-
-    - id: checkout-infra-repo
+    - name: checkout the infra repo ${{ inputs.infra_repo }}
       uses: actions/checkout@v3
       with:
-        path: infra
+        path: infra_repo
         repository: ${{ inputs.infra_repo }}
         ref: ${{ inputs.infra_repo_ref }}
         ssh-key: ${{ inputs.infra_repo_ssh_key }}
 
-    - id: deployment-service-account
+    - id: deployment_service_account
       name: deployment service account
       shell: bash
       run: |
         if [[ "${{ inputs.project_id }}" == "" ]]; then
-        echo "::set-output name=SERVICE_ACCOUNT::deploy-${{ inputs.env_name }}@moz-fx-${{ inputs.app_name }}-${{ inputs.realm_name }}.iam.gserviceaccount.com"
+        echo "SERVICE_ACCOUNT=deploy-${{ inputs.env_name }}@moz-fx-${{ inputs.app_name }}-${{ inputs.realm_name }}.iam.gserviceaccount.com" >> $GITHUB_OUTPUT
         else
-        echo "::set-output name=SERVICE_ACCOUNT::deploy-${{ inputs.env_name }}@${{ inputs.project_id }}.iam.gserviceaccount.com"
+        echo "SERVICE_ACCOUNT=deploy-${{ inputs.env_name }}@${{ inputs.project_id }}.iam.gserviceaccount.com" >> $GITHUB_OUTPUT
         fi
 
-    - id: gcp-auth
+    - name: gcp authentication
       uses: google-github-actions/auth@v0
       with:
-        service_account: ${{ steps.deployment-service-account.outputs.SERVICE_ACCOUNT }}
+        service_account: ${{ steps.deployment_service_account.outputs.SERVICE_ACCOUNT }}
         workload_identity_provider: projects/${{ inputs.workload_identity_pool_project_number }}/locations/global/workloadIdentityPools/github-actions/providers/github-actions
 
-    - id: kubenetes-credentials
+    - name: get gke credentials
       uses: google-github-actions/get-gke-credentials@v0
       with:
         cluster_name: ${{ inputs.k8s_cluster_name }}
         location: ${{ inputs.k8s_cluster_location }}
         project_id: ${{ inputs.k8s_cluster_project }}
 
-    - id: helm-values
-      name: helm value files
+    - name: set the helm values flag
+      id: helm_values
       shell: bash
       run: |
         if [[ "${{ inputs.helm_value_files }}" == "" ]]; then
-        echo "::set-output name=FILES::-f values-${{ inputs.env_name }}.yaml"
+          echo "FILES=-f values-${{ inputs.env_name }}.yaml" >> $GITHUB_OUTPUT
         else
-        echo "::set-output name=FILES::${{ inputs.helm_value_files }}"
+          echo "FILES=${{ inputs.helm_value_files }}" >> $GITHUB_OUTPUT
         fi
 
     - name: helm version
@@ -113,9 +115,13 @@ runs:
 
     # FIXME
     # - Look at adding --atomic or --wait as flags
-    # - Look at adding flags for values files
-    # - Consider using https://github.com/deliverybot/helm or https://github.com/vimeda/helm
     - name: helm install
       shell: bash
-      working-directory: infra/${{ inputs.helm_chart_path }}
-      run: helm upgrade --install -n ${{ inputs.app_name }}-${{ inputs.env_name }} ${{ inputs.helm_release_name }} ${{ steps.helm-values.outputs.FILES }} .
+      working-directory: infra_repo/${{ inputs.helm_chart_path }}
+      run: |
+        helm upgrade ${{ inputs.helm_release_name }} .            \
+        --install                                                 \
+        --namespace ${{ inputs.app_name }}-${{ inputs.env_name }} \
+        ${{ steps.helm_values.outputs.FILES }}                    \
+        --set image.tag=${{ inputs.image_tag }}                   \
+        ${{ inputs.helm_values }}