Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: helm (#1480) #1493

Merged
merged 2 commits into from
Oct 17, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
150 changes: 78 additions & 72 deletions .github/workflows/merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,41 +11,63 @@ concurrency:
cancel-in-progress: true

jobs:
semantic-version:
outputs:
semanticVersion: ${{ steps.changelog.outputs.version }}
tag: ${{ steps.changelog.outputs.tag }}
clean_changelog: ${{ steps.changelog.outputs.clean_changelog }}
runs-on: ubuntu-22.04
timeout-minutes: 1
steps:
- uses: actions/checkout@v4
- name: Conventional Changelog Update
uses: TriPSs/conventional-changelog-action@v3
id: changelog
continue-on-error: true
with:
github-token: ${{ github.token }}
output-file: 'CHANGELOG.md'
skip-version-file: 'true'
skip-commit: 'true'
skip-on-empty: 'false'
git-push: 'true'
retag-images:
needs: [semantic-version]
runs-on: ubuntu-22.04
strategy:
matrix:
package: [backend, migrations, frontend]
steps:
- name: Tag Docker Images
uses: shrink/actions-docker-registry-tag@v3
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: test
tags: ${{ needs.semantic-version.outputs.semanticVersion }}

deploys-test:
needs: [retag-images, semantic-version]
name: TEST Deploys
environment: test
runs-on: ubuntu-22.04
permissions:
issues: write
strategy:
matrix:
name: [database, backend, frontend]
include:
- name: database
file: database/openshift.deploy.yml
overwrite: false
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
verification_path: /api
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
timeout-minutes: 10
steps:
- uses: bcgov-nr/[email protected]
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=test -p NAME=${{ github.event.repository.name }}
${{ matrix.parameters }}
name: ${{ matrix.name }}
penetration_test_token: ${{ secrets.GITHUB_TOKEN }}
verification_path: ${{ matrix.verification_path }}
- uses: actions/checkout@v4
- name: Deploy
shell: bash
run: |
# Allow pipefail, since we could be catching oc create errors
set +o pipefail

# Login to OpenShift (NOTE: project command is a safeguard)
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.oc_namespace }}

# Deploy Helm Chart
cd charts/${{ github.event.repository.name }}
helm dependency update
helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-test --values values.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string backend.initContainers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string frontend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .

cleanup-test:
name: TEST Pod cleanup
Expand Down Expand Up @@ -84,7 +106,7 @@ jobs:
- name: Install dependencies
run: npm ci
- name: Run integration tests
run: BASE_URL=https://${{ github.event.repository.name }}-test-backend.apps.silver.devops.gov.bc.ca API_NAME=nest node src/main.js
run: BASE_URL=https://${{ github.event.repository.name }}-test-frontend.apps.silver.devops.gov.bc.ca API_NAME=nest node src/main.js

cypress-e2e:
name: Cypress end to end test
Expand Down Expand Up @@ -124,56 +146,40 @@ jobs:
path: ./cypress/screenshots
if-no-files-found: ignore # 'warn' or 'error' are also available, defaults to `warn`

image-promotions:
name: Promote images
needs: [integration-tests, cypress-e2e, cleanup-test]
runs-on: ubuntu-22.04
permissions:
packages: write
strategy:
matrix:
component: [database, backend, migrations, frontend]
timeout-minutes: 1
steps:
- uses: shrink/actions-docker-registry-tag@v3
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.component }}
target: test
tags: prod

deploys-prod:
name: PROD Deploys
needs: [image-promotions]
needs: [cypress-e2e, integration-tests,deploys-test, semantic-version] # all of this needed to Go To PROD.
environment: prod
runs-on: ubuntu-22.04
timeout-minutes: 10
strategy:
matrix:
name: [database, backend, frontend]
include:
- name: database
file: database/openshift.deploy.yml
overwrite: false
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
verification_path: /api
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
steps:
- uses: bcgov-nr/[email protected]
- uses: actions/checkout@v4
- name: Deploy
shell: bash
run: |
# Allow pipefail, since we could be catching oc create errors
set +o pipefail

# Login to OpenShift (NOTE: project command is a safeguard)
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.oc_namespace }}

# Deploy Helm Chart
cd charts/${{ github.event.repository.name }}
helm dependency update
helm upgrade --install --wait --atomic ${{ github.event.repository.name }} --values values.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string backend.initContainers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string frontend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .
- name: Create Release
uses: softprops/action-gh-release@v1
if: ${{ needs.semantic-version.outputs.semanticVersion != '' }}
continue-on-error: true
env:
GITHUB_TOKEN: ${{ github.token }}
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=prod -p NAME=${{ github.event.repository.name }}
${{ matrix.parameters }}
verification_path: ${{ matrix.verification_path }}
token: ${{ github.token }}
tag_name: ${{ needs.semantic-version.outputs.tag }}
name: ${{ needs.semantic-version.outputs.tag }}
body: ${{ needs.semantic-version.outputs.clean_changelog }}

cleanup-prod:
name: PROD Pod cleanup
Expand Down
5 changes: 2 additions & 3 deletions .github/workflows/pr-close.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ jobs:
# Clean up OpenShift when PR closed, no conditions
cleanup-openshift:
name: Cleanup OpenShift
if: "!github.event.pull_request.head.repo.fork"
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
Expand All @@ -24,7 +23,7 @@ jobs:
oc project ${{ vars.OC_NAMESPACE }}

# Remove old build runs, build pods and deployment pods
oc delete all,pvc,secret -l app=${{ github.event.repository.name }}-${{ github.event.number }}
helm uninstall ${{ github.event.repository.name }}-${{ github.event.number }}

# If merged into main, then handle any image promotions
image-promotions:
Expand All @@ -35,7 +34,7 @@ jobs:
packages: write
strategy:
matrix:
package: [database, migrations, backend, frontend]
package: [migrations, backend, frontend]
timeout-minutes: 1
steps:
- uses: shrink/actions-docker-registry-tag@v3
Expand Down
64 changes: 25 additions & 39 deletions .github/workflows/pr-open.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ concurrency:

jobs:
pr-greeting:
if: "!github.event.pull_request.head.repo.fork"
name: PR Greeting
env:
DOMAIN: apps.silver.devops.gov.bc.ca
Expand All @@ -33,7 +32,7 @@ jobs:

Deployments, as required, will be available below:
- [Frontend](https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }})
- [Backend](https://${{ env.PREFIX }}-backend.${{ env.DOMAIN }}/api)
- [Backend](https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}/api)

Please create PRs in draft mode. Mark as ready to enable:
- [Analysis Workflow](https://github.com/${{ github.repository }}/actions/workflows/analysis.yml)
Expand All @@ -44,16 +43,13 @@ jobs:
# https://github.com/bcgov-nr/action-builder-ghcr
builds:
name: Builds
if: "!github.event.pull_request.head.repo.fork"
runs-on: ubuntu-22.04
permissions:
packages: write
strategy:
matrix:
package: [database, migrations, backend, frontend]
package: [ migrations, backend, frontend]
include:
- package: database
triggers: ('database/')
- package: migrations
build_context: ./backend/db
triggers: ('backend/db')
Expand All @@ -67,48 +63,38 @@ jobs:
with:
keep_versions: 50
package: ${{ matrix.package }}
tag: ${{ github.event.number }}
tag: ${{ github.sha }}
tag_fallback: test
token: ${{ secrets.GITHUB_TOKEN }}
triggers: ${{ matrix.triggers }}
build_context: ${{ matrix.build_context }}
- name: Tag Docker Images
uses: shrink/actions-docker-registry-tag@v3
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: ${{ github.sha }}
tags: ${{ github.event.number }}

# https://github.com/bcgov-nr/action-deployer-openshift
deploys:
name: Deploys
if: "!github.event.pull_request.head.repo.fork"
needs: [builds]
runs-on: ubuntu-22.04
timeout-minutes: 10
strategy:
matrix:
name: [database, backend, frontend]
include:
- name: database
file: database/openshift.deploy.yml
overwrite: false
triggers: ('database/' 'backend/' 'frontend/')
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
parameters: -p MIN_REPLICAS=1 -p MAX_REPLICAS=2
triggers: ('database/' 'backend/' 'frontend/')
verification_path: /api
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
parameters: -p MIN_REPLICAS=1 -p MAX_REPLICAS=2
triggers: ('database/' 'backend/' 'frontend/')
steps:
- uses: bcgov-nr/[email protected]
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=${{ github.event.number }} -p NAME=${{ github.event.repository.name }}
${{ matrix.parameters }}
triggers: ${{ matrix.triggers }}
verification_path: ${{ matrix.verification_path }}
- uses: actions/checkout@v3
- name: Deploy
shell: bash
run: |
# Allow pipefail, since we could be catching oc create errors
set +o pipefail
echo "IncrementalTag is $IncrementalTag"
# Login to OpenShift (NOTE: project command is a safeguard)
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.oc_namespace }}

# Deploy Helm Chart
cd charts/${{ github.event.repository.name }}
helm dependency update
helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-${{ github.event.number }} --values values-pr.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag="${{ github.sha }}" --set-string backend.initContainers[0].tag="${{ github.sha }}" --set-string frontend.containers[0].tag="${{ github.sha }}" --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
name: database
description: Postgres
name: quickstart-openshift
description: A Helm chart for Kubernetes deployment.
icon: https://www.nicepng.com/png/detail/521-5211827_bc-icon-british-columbia-government-logo.png

# A chart can be either an 'application' or a 'library' chart.
Expand All @@ -23,3 +23,29 @@ version: 0.1.0
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"

dependencies:
- name: component
condition: backend.enabled
version: 0.0.12
repository: https://bcgov.github.io/helm-service
alias: backend

- name: component
condition: frontend.enabled
version: 0.0.12
repository: https://bcgov.github.io/helm-service
alias: frontend


- name: postgresql
condition: bitnami-pg.enabled
version: 13.0.0
repository: https://charts.bitnami.com/bitnami
alias: bitnami-pg

- name: component
condition: backup.enabled
version: 0.0.12
repository: https://bcgov.github.io/helm-service
alias: backup
Loading