diff --git a/.github/workflows/chart_release.yaml b/.github/workflows/chart_release.yaml index b427540d..c964a71b 100644 --- a/.github/workflows/chart_release.yaml +++ b/.github/workflows/chart_release.yaml @@ -7,7 +7,7 @@ on: jobs: chart-release: - name: Create chart release + name: Create and Publish Chart Release runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 
@@ -27,3 +27,75 @@ jobs: config: .github/actions/chart_releaser/cr.yaml env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + update-configs-and-sync: + runs-on: ubuntu-latest + name: Update Configs and Sync + needs: + - chart-release + steps: + - uses: actions/checkout@v4 + + - name: Set up Git + run: | + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + + - name: Checkout services directory from the trust-over-ip-configurations repo + uses: actions/checkout@v4 + with: + repository: bcgov/trust-over-ip-configurations + ssh-key: ${{ secrets.DITP_CONFIGS_REPO_SECRET }} + sparse-checkout: | + services + path: trust-over-ip-configurations + + - name: Lookup latest chart + id: chart_version + run: | + helm repo add vc-authn-oidc https://bcgov.github.io/vc-authn-oidc + helm repo update + echo "APP_VERSION=$(helm search repo vc-authn-oidc -ojson | jq '.[0].app_version')" >> $GITHUB_OUTPUT + echo "CHART_VERSION=$(helm search repo vc-authn-oidc -ojson | jq '.[0].version')" >> $GITHUB_OUTPUT + + - name: Update test + env: + APP_VERSION: ${{ steps.chart_version.outputs.APP_VERSION }} + CHART_VERSION: ${{ steps.chart_version.outputs.CHART_VERSION }} + run: | + cd trust-over-ip-configurations + yq e -i '.appVersion = env(APP_VERSION)' services/vc-authn-oidc/charts/test/Chart.yaml + yq e -i '.version = env(CHART_VERSION)' services/vc-authn-oidc/charts/test/Chart.yaml + + - name: Update prod + env: + APP_VERSION: ${{ steps.chart_version.outputs.APP_VERSION }} + CHART_VERSION: ${{ steps.chart_version.outputs.CHART_VERSION }} + run: | + cd trust-over-ip-configurations + yq e -i '.appVersion = env(APP_VERSION)' services/vc-authn-oidc/charts/prod/Chart.yaml + yq e -i '.version = env(CHART_VERSION)' services/vc-authn-oidc/charts/prod/Chart.yaml + + - name: Commit and Push to trust-over-ip-configurations Repo + run: | + cd trust-over-ip-configurations + git add services/vc-authn-oidc/charts/test/Chart.yaml 
services/vc-authn-oidc/charts/prod/Chart.yaml + git commit -m "Update chart and app versions" || echo "No changes to commit" + git push origin main + + - name: Trigger and wait for GitOps sync workflow + uses: convictional/trigger-workflow-and-wait@v1.6.5 + id: workflow-trigger + with: + owner: bcgov + repo: trust-over-ip-configurations + github_token: ${{ secrets.DITP_CONFIGS_REPO_TOKEN }} + workflow_file_name: gitops_sync.yaml + + - name: Trigger ArgoCD Sync of e79518-test-vc-authn-oidc + uses: OpsVerseIO/argocd-sync@0.2.0 + with: + address: gitops-shared.apps.silver.devops.gov.bc.ca + token: ${{ secrets.DITP_GITOPS_ARGO_SECRET}} + action: sync + appName: "e79518-test-vc-authn-oidc" diff --git a/.github/workflows/on_push_main.yaml b/.github/workflows/on_push_main.yaml index bba0e107..2be55240 100644 --- a/.github/workflows/on_push_main.yaml +++ b/.github/workflows/on_push_main.yaml @@ -1,4 +1,4 @@ -name: Build & Deploy Development +name: Build, Update Config, and Deploy Development on: workflow_dispatch: push: 
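Review bot: The two third-party actions in the new `update-configs-and-sync` job, `convictional/trigger-workflow-and-wait@v1.6.5` and `OpsVerseIO/argocd-sync@0.2.0`, are referenced by mutable tag while being handed `DITP_CONFIGS_REPO_TOKEN` and `DITP_GITOPS_ARGO_SECRET`. They also run after the configurations checkout has set up the `DITP_CONFIGS_REPO_SECRET` deploy key, which `actions/checkout` persists in the workspace git config by default. A tag can be moved to different code, so each `uses:` should be pinned to a full commit SHA with the tag kept as a comment, e.g. `uses: convictional/trigger-workflow-and-wait@<full-commit-sha> # v1.6.5`. The job declares no `permissions:` either; adding `permissions:` with `contents: read` would keep the default `GITHUB_TOKEN` minimal. The same two `uses:` lines appear in the `update_configs_repo` job added to `on_push_main.yaml`.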
@@ -14,18 +14,116 @@ jobs: ref: "main" platforms: "linux/amd64" + check_helm_changes: + runs-on: ubuntu-latest + name: Check for Helm Chart changes + outputs: + helm_changed: ${{ steps.list-changed.outputs.changed }} + steps: + - uses: actions/checkout@v4 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + + update_configs_repo: + runs-on: ubuntu-latest + name: Update Configurations Repo + needs: + - build + - check_helm_changes + steps: + - uses: actions/checkout@v4 + + - name: Checkout services directory from the trust-over-ip-configurations repo + uses: actions/checkout@v4 + with: + repository: bcgov/trust-over-ip-configurations + ssh-key: ${{ secrets.DITP_CONFIGS_REPO_SECRET }} + sparse-checkout: | + services + path: trust-over-ip-configurations + + - name: Lookup Helm Chart and App versions + id: chart_version + run: | + helm repo add vc-authn-oidc https://bcgov.github.io/vc-authn-oidc + helm repo update + if [[ "${{ needs.check_helm_changes.outputs.helm_changed }}" == "true" ]]; then + echo "APP_VERSION=$(yq e .appVersion charts/vc-authn-oidc/Chart.yaml)" >> $GITHUB_OUTPUT + echo "CHART_VERSION=$(yq e .version charts/vc-authn-oidc/Chart.yaml)" >> $GITHUB_OUTPUT + else + echo "APP_VERSION=$(helm search repo vc-authn-oidc -ojson | jq -r '.[0].app_version')" >> $GITHUB_OUTPUT + echo "CHART_VERSION=$(helm search repo vc-authn-oidc -ojson | jq -r '.[0].version')" >> $GITHUB_OUTPUT + fi + + - name: Update versions + env: + APP_VERSION: ${{ steps.chart_version.outputs.APP_VERSION }} + CHART_VERSION: ${{ steps.chart_version.outputs.CHART_VERSION }} + IMAGE_TAG: ${{ needs.build.outputs.image_version }} + run: | + cd trust-over-ip-configurations + + yq e -i '.appVersion = env(APP_VERSION)' 
services/vc-authn-oidc/charts/dev/Chart.yaml + yq e -i '.version = env(CHART_VERSION)' services/vc-authn-oidc/charts/dev/Chart.yaml + yq e -i '.dependencies[0].version = env(CHART_VERSION)' services/vc-authn-oidc/charts/dev/Chart.yaml + yq e -i '.vc-authn-oidc.image.tag = env(IMAGE_TAG)' services/vc-authn-oidc/charts/dev/values.yaml + + - name: Commit and Push to trust-over-ip-configurations Repo + run: | + cd trust-over-ip-configurations + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + git add services/vc-authn-oidc/charts/dev/values.yaml services/vc-authn-oidc/charts/dev/Chart.yaml + git commit -m "Update chart version and image tag" || echo "No changes to commit" + git push origin main + + - uses: convictional/trigger-workflow-and-wait@v1.6.5 + id: workflow-trigger + with: + owner: bcgov + repo: trust-over-ip-configurations + github_token: ${{ secrets.DITP_CONFIGS_REPO_TOKEN }} + workflow_file_name: gitops_sync.yaml + + - name: Trigger ArgoCD Sync of e79518-test-vc-authn-oidc + uses: OpsVerseIO/argocd-sync@0.2.0 + if: needs.check_helm_changes.outputs.helm_changed != 'true' && steps.workflow-trigger.outputs.conclusion == 'success' + with: + address: gitops-shared.apps.silver.devops.gov.bc.ca + token: ${{ secrets.DITP_GITOPS_ARGO_SECRET}} + action: sync + appName: "e79518-test-vc-authn-oidc" + # Build vc-authn - deploy: + deploy_dev: name: Deploy VC-AuthN to Dev environment: dev runs-on: ubuntu-latest needs: - build - if: ${{ always() && !(contains(needs.*.result, 'failed')) && (github.repository_owner == 'bcgov') }} + - check_helm_changes + if: ${{ needs.check_helm_changes.outputs.helm_changed == 'true' && contains(needs.*.result, 'success') && !(contains(needs.*.result, 'failure')) && (github.repository_owner == 'bcgov') }} steps: - uses: actions/checkout@v4 + - name: Checkout services directory from the trust-over-ip-configurations repo + uses: actions/checkout@v4 + with: + repository: 
bcgov/trust-over-ip-configurations + ssh-key: ${{ secrets.DITP_CONFIGS_REPO_SECRET }} + sparse-checkout: | + services + path: trust-over-ip-configurations + - name: Authenticate and set context uses: redhat-actions/oc-login@v1 with: @@ -33,12 +131,12 @@ jobs: openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} namespace: ${{ secrets.OPENSHIFT_NAMESPACE }} - - name: VC-Authn Dev Helm + - name: Deploy VC-Authn-OIDC to Development run: | - helm upgrade --install vc-authn-oidc \ - -f https://raw.githubusercontent.com/bcgov/trust-over-ip-configurations/main/helm-values/vc-authn-oidc/dev.yaml \ - --set image.tag=${{ needs.build.outputs.image_version }} \ - ./charts/vc-authn-oidc --wait + cp trust-over-ip-configurations/services/vc-authn-oidc/charts/dev/values.yaml ./dev-values.yaml + yq e -i 'del(.vc-authn-oidc) | . *= load("trust-over-ip-configurations/services/vc-authn-oidc/charts/dev/values.yaml").vc-authn-oidc' ./dev-values.yaml + helm upgrade --install vc-authn-oidc -f ./dev-values.yaml --set image.tag=${{ needs.build.outputs.image_version }} ./charts/vc-authn-oidc --wait + - name: Restart Deployments run: | oc rollout restart deployment/vc-authn-oidc-agent diff --git a/docker/agent/config/ledgers.yaml b/docker/agent/config/ledgers.yaml index 3ca1f0d3..de607514 100644 --- a/docker/agent/config/ledgers.yaml +++ b/docker/agent/config/ledgers.yaml @@ -1,5 +1,6 @@ - id: BCovrinTest is_production: true + is_write: true genesis_url: "http://test.bcovrin.vonx.io/genesis" # - id: SovrinStagingNet # is_production: true @@ -9,5 +10,7 @@ genesis_url: "https://raw.githubusercontent.com/ICCS-ISAC/dtrust-reconu/main/CANdy/dev/pool_transactions_genesis" - id: CANdyTest is_production: true - is_write: true genesis_url: "https://raw.githubusercontent.com/ICCS-ISAC/dtrust-reconu/main/CANdy/test/pool_transactions_genesis" +- id: CANdyProd + is_production: true + genesis_url: "https://raw.githubusercontent.com/ICCS-ISAC/dtrust-reconu/main/CANdy/prod/pool_transactions_genesis"
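Review bot: The `run:` script of the `Run chart-testing (list-changed)` step opens `if [[ -n "$changed" ]]; then` and never closes it, so as shown bash stops with a syntax error and `check_helm_changes` fails before it can set its output. The block needs a closing `fi` after `echo "changed=true" >> "$GITHUB_OUTPUT"`. Both `update_configs_repo` and `deploy_dev` list this job in `needs`, and the `deploy_dev` condition requires `helm_changed == 'true'`, so a failing check means neither runs. Separately, `ct list-changed` compares against the target branch and the preceding `actions/checkout@v4` sets no `fetch-depth: 0`, so the comparison probably lacks the history it needs even with the `fi`; that is worth confirming on a test push. The `Trigger ArgoCD Sync` step in this dev workflow names `e79518-test-vc-authn-oidc`, so confirm that the test application is the intended target.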
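Review bot: The rewritten `helm upgrade` line still expands `${{ needs.build.outputs.image_version }}` directly into the script, so the value is pasted into the command text before bash parses it and is left unquoted. Passing it through the environment keeps it as data, as the `Update versions` step in this same commit already does with `IMAGE_TAG`. Add `env:` with `IMAGE_TAG: ${{ needs.build.outputs.image_version }}` to the step and use `--set image.tag="$IMAGE_TAG"`. The `deploy_dev` job this step belongs to begins in the previous hunk.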
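Review bot: `BCovrinTest` becomes the write ledger here (`is_write: true`) while its `genesis_url` on the unchanged line below is still plain `http://test.bcovrin.vonx.io/genesis`, so the genesis transactions for the write ledger are fetched with no transport integrity. If that host serves the file over TLS, `genesis_url: "https://test.bcovrin.vonx.io/genesis"` would close that off; whether it does is not visible from this diff. A one-line comment above the entry saying why the write ledger moved would also help, since the matching removal from `CANdyTest` is in the next hunk.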
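Review bot: The new `CANdyProd` entry takes its genesis file from the `main` branch of `ICCS-ISAC/dtrust-reconu` on raw.githubusercontent.com. That is a mutable ref in a repository outside this project, so the pool definition the agent loads for this ledger can change without any change here. Pinning the URL to a commit, `.../dtrust-reconu/<commit-sha>/CANdy/prod/pool_transactions_genesis`, or vendoring the file would make that input reviewable. The CANdy dev and test URLs in the surrounding lines follow the same `main` pattern and could be pinned at the same time.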