Main - Build Image and Push to Openshift Registry for Dev Deployment #39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is the main workflow that creates a new image and push to Openshift image stream which in turn triggers the deployment | |
| name: Main - Build Image and Push to Openshift Registry for Dev Deployment | |
| # Controls when the workflow will run | |
| on: | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| app: | |
| description: 'App Name (jag-cdds)' | |
| required: true | |
| default: jag-cdds | |
| env: | |
| description: 'Image Target Env' | |
| required: true | |
| default: 'dev' | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # This workflow contains a single job called "build" | |
| build-push-image: | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-20.04 | |
| environment: ${{ github.event.inputs.env }} | |
| env: | |
| BASIC_AUTH_USER: ${{ secrets.BASIC_AUTH_USER }} | |
| BASIC_AUTH_PASS: ${{ secrets.BASIC_AUTH_PASS }} | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - name: Git Checkout | |
| uses: actions/checkout@v2 | |
| # Get the version number which is prefixed with the Github release branches in format release/{version} | |
| - name: Get Release Version | |
| run: | | |
| branch=${GITHUB_REF##*/} | |
| version=$(echo $branch | cut -d "/" -f2-) | |
| echo "releaseVersion=$version" >> $GITHUB_ENV | |
| # Get Git latest short Sha# from the release branch used. This Sha# will be used in image tagging as well as DC Pod labelling. | |
| - name: Get git commit short sha | |
| id: sha | |
| run: | | |
| shortSha=$(echo $(git rev-parse --short HEAD) | cut -c1-7) | |
| echo "gitsha=$shortSha" >> $GITHUB_ENV | |
| # Prints vital release paramters used | |
| - name: Print Release Variables | |
| run: | | |
| echo "Release Application: ${{ github.event.inputs.app }}" | |
| echo "Release Environment: ${{ github.event.inputs.env }}" | |
| echo "Release Version: ${{ env.releaseVersion }}" | |
| echo "Release Git Sha: ${{env.gitsha}}" | |
| # Set up JDK build environment | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: 11 | |
| # Runs build steps | |
| - name: Maven Package | |
| run: mvn -ntp clean package | |
| - name: Maven Verify | |
| run: mvn -ntp clean verify | |
| - name: Maven Spotless Check | |
| run: mvn -ntp spotless:check | |
| #Login to OpenShift Container Repository - Silver | |
| - name: Login to OpenShift Container Repository - Silver | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY_SILVER}} | |
| username: ${{secrets.OPENSHIFT_SA_USERNAME}} | |
| password: ${{secrets.OPENSHIFT_SA_PASSWORD_SILVER}} | |
| #Build and push image to OpenShift Image stream - Silver | |
| - name: Build & Push Image to Openshift Image Stream - Silver | |
| env: | |
| COMPOSE_DOCKER_CLI_BUILD: 1 | |
| DOCKER_BUILDKIT: 1 | |
| CONTEXT: . | |
| IMAGE: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY_SILVER}}/${{secrets.OPENSHIFT_TOOLS_NAMESPACE_SILVER}}/jag-cdds:${{secrets.OPENSHIFT_ENV_TAG}} | |
| run: | | |
| docker build \ | |
| --tag ${IMAGE} \ | |
| ${CONTEXT} | |
| docker push ${IMAGE} | |
| # #Login to OpenShift Container Repository - Kamloops (OC PROD) | |
| # - name: Login to OpenShift Container Repository - Kamloops (OC PROD) | |
| # uses: docker/login-action@v1 | |
| # with: | |
| # registry: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}} | |
| # username: ${{secrets.OPENSHIFT_SA_USERNAME}} | |
| # password: ${{secrets.OPENSHIFT_SA_PASSWORD}} | |
| # #Build and push image to OpenShift Image stream - Kamloops (OC PROD) | |
| # - name: Build & Push Image to Openshift Image Stream - Kamloops (OC PROD) | |
| # env: | |
| # COMPOSE_DOCKER_CLI_BUILD: 1 | |
| # DOCKER_BUILDKIT: 1 | |
| # CONTEXT: . | |
| # IMAGE: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}}/${{secrets.OPENSHIFT_TOOLS_NAMESPACE}}/jag-cdds:${{secrets.OPENSHIFT_ENV_TAG}} | |
| # run: | | |
| # docker build \ | |
| # --tag ${IMAGE} \ | |
| # ${CONTEXT} | |
| # docker push ${IMAGE} | |
| # #Login to OpenShift Container Repository - Calgary (OC DR) | |
| # - name: Login to OpenShift Container Repository - Calgary (OC DR) | |
| # uses: docker/login-action@v1 | |
| # with: | |
| # registry: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY_DR}} | |
| # username: ${{secrets.OPENSHIFT_SA_USERNAME}} | |
| # password: ${{secrets.OPENSHIFT_SA_PASSWORD_DR}} | |
| # #Build and push image to OpenShift Image stream - Calgary (OC DR) | |
| # - name: Build & Push Image to Openshift Image Stream - Calgary (OC DR) | |
| # env: | |
| # COMPOSE_DOCKER_CLI_BUILD: 1 | |
| # DOCKER_BUILDKIT: 1 | |
| # CONTEXT: . | |
| # IMAGE: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY_DR}}/${{secrets.OPENSHIFT_TOOLS_NAMESPACE}}/jag-cdds:${{secrets.OPENSHIFT_ENV_TAG}} | |
| # run: | | |
| # docker build \ | |
| # --tag ${IMAGE} \ | |
| # ${CONTEXT} | |
| # docker push ${IMAGE} | |
| #Login to Openshift using OC SA and Token of respective env. for Pod labelling - Silver | |
| - name: Authenticate OC Env Specific SA - Silver | |
| uses: redhat-actions/oc-login@v1 | |
| env: | |
| OPENSHIFT_NAMESPACE: ${{secrets.OPENSHIFT_LICENSE_PLATE_SILVER}}-${{ github.event.inputs.env }} | |
| OPENSHIFT_USER: ${{secrets.OPENSHIFT_SA_Env_DEPLOYER_NAME}} | |
| with: | |
| openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL_SILVER}} | |
| openshift_token: ${{secrets.OPENSHIFT_SA_ENV_DEPLOYER_TOKEN_SILVER}} | |
| namespace: ${OPENSHIFT_NAMESPACE} | |
| # Labels the deployment config of the application with release version number to spin up the pods labelled in same version - Silver | |
| - name: Labelling DC to release version - Silver | |
| env: | |
| releaseVersion: ${{ env.releaseVersion }} | |
| appName: ${{ github.event.inputs.app }} | |
| openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE_SILVER}}-${{ github.event.inputs.env }} | |
| run: | | |
| oc patch dc ${appName} -n ${openshiftEnvNamespace} --patch '{"spec":{"template":{"metadata":{"labels":{"version":"${{ env.releaseVersion }}.${{ env.gitsha }}"}}}}}' | |
| # Wait to DC rollout to get completed before proceeding next stage - Silver | |
| - name: Wait for DC rollout - Silver | |
| env: | |
| appName: ${{ github.event.inputs.app }} | |
| openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE_SILVER}}-${{ github.event.inputs.env }} | |
| run: | | |
| oc rollout status -n ${openshiftEnvNamespace} dc/${appName} --watch | |
| # #Login to Openshift using OC SA and Token of respective env. for Pod labelling - Kamloops (OC PROD) | |
| # - name: Authenticate OC Env Specific SA - Kamloops (OC PROD) | |
| # uses: redhat-actions/oc-login@v1 | |
| # env: | |
| # OPENSHIFT_NAMESPACE: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # OPENSHIFT_USER: ${{secrets.OPENSHIFT_SA_Env_DEPLOYER_NAME}} | |
| # with: | |
| # openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL}} | |
| # openshift_token: ${{secrets.OPENSHIFT_SA_ENV_DEPLOYER_TOKEN}} | |
| # namespace: ${OPENSHIFT_NAMESPACE} | |
| # # Labels the deployment config of the application with release version number to spin up the pods labelled in same version - Kamloops (OC PROD) | |
| # - name: Labelling DC to release version - Kamloops (OC PROD) | |
| # env: | |
| # releaseVersion: ${{ env.releaseVersion }} | |
| # appName: ${{ github.event.inputs.app }} | |
| # openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # run: | | |
| # oc patch dc ${appName} -n ${openshiftEnvNamespace} --patch '{"spec":{"template":{"metadata":{"labels":{"version":"${{ env.releaseVersion }}.${{ env.gitsha }}"}}}}}' | |
| # # Wait to DC rollout to get completed before proceeding next stage - Kamloops (OC PROD) | |
| # - name: Wait for DC rollout - Kamloops (OC PROD) | |
| # env: | |
| # appName: ${{ github.event.inputs.app }} | |
| # openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # run: | | |
| # oc rollout status -n ${openshiftEnvNamespace} dc/${appName} --watch | |
| # #Login to Openshift using OC SA and Token of respective env. for Pod labelling - Calgary (OC DR) | |
| # - name: Authenticate OC Env Specific SA - Calgary (OC DR) | |
| # uses: redhat-actions/oc-login@v1 | |
| # env: | |
| # OPENSHIFT_NAMESPACE: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # OPENSHIFT_USER: ${{secrets.OPENSHIFT_SA_Env_DEPLOYER_NAME}} | |
| # with: | |
| # openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL_DR}} | |
| # openshift_token: ${{secrets.OPENSHIFT_SA_ENV_DEPLOYER_TOKEN_DR}} | |
| # namespace: ${OPENSHIFT_NAMESPACE} | |
| # # Labels the deployment config of the application with release version number to spin up the pods labelled in same version - Calgary (OC DR) | |
| # - name: Labelling DC to release version - Calgary (OC DR) | |
| # env: | |
| # releaseVersion: ${{ env.releaseVersion }} | |
| # appName: ${{ github.event.inputs.app }} | |
| # openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # run: | | |
| # oc patch dc ${appName} -n ${openshiftEnvNamespace} --patch '{"spec":{"template":{"metadata":{"labels":{"version":"${{ env.releaseVersion }}.${{ env.gitsha }}"}}}}}' | |
| # # Wait to DC rollout to get completed before proceeding next stage - Calgary (OC DR) | |
| # - name: Wait for DC rollout - Calgary (OC DR) | |
| # env: | |
| # appName: ${{ github.event.inputs.app }} | |
| # openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }} | |
| # run: | | |
| # oc rollout status -n ${openshiftEnvNamespace} dc/${appName} --watch | |
| - name: Run Integration Tests | |
| env: | |
| TEST_STARTER_URL: ${{secrets.TEST_STARTER_URL}} | |
| BASIC_AUTH_USER: ${{ secrets.BASIC_AUTH_USER }} | |
| BASIC_AUTH_PASS: ${{ secrets.BASIC_AUTH_PASS }} | |
| run: | | |
| RET=`curl --write-out '%{content_type}' --output TestErrors.zip --request GET --user ${BASIC_AUTH_USER}:${BASIC_AUTH_PASS} --url ${TEST_STARTER_URL}` | |
| if [ "$RET" = "application/zip" ]; then | |
| echo "Status: Failed Integration Test(s) found!" | |
| exit 1 | |
| fi | |
| if [ "$RET" = "application/json" ]; then | |
| echo "Status: All Tests Passed" | |
| fi | |
| if [ "$RET" != "application/zip" ] && [ "$RET" != "application/json" ]; then | |
| echo "Received content_type is $RET, was expecting application/json or application/zip" | |
| exit 1 | |
| fi | |
| - name: Archive production artifacts | |
| uses: actions/upload-artifact@v2 | |
| if: failure() | |
| with: | |
| name: integration-tests-report | |
| path: | | |
| TestErrors.zip | |
| retention-days: 5 |