Skip to content
Build PR

Try to fix "System.UnauthorizedAccessException" #4 #7093

Sign in to view logs

Try to fix "System.UnauthorizedAccessException" #4

Try to fix "System.UnauthorizedAccessException" #4 #7093

Workflow file for this run

.github/workflows/build-pr.yml at cffde50
name: Build PR
# Build all of the necessary components for the PRIME application from PullRequest branch. Images are then deployed to Dev environment via the prime-app-ephemeral-template.yml in the infrastructure folder
on:
push:
paths-ignore: # do NOT trigger on changes to backup service.
- prime-database-backup/**
- .github/workflows/build-deploy-backup-dev.yml
branches-ignore:
- 'develop'
- 'test'
- 'master'
workflow_dispatch:
pull_request:
paths-ignore:
- prime-database-backup/**
- .github/workflows/build-deploy-backup-dev.yml
branches-ignore:
- 'develop'
- 'test'
- 'master'
jobs:
build-document-manager-backend:
runs-on: ubuntu-20.04
environment: Development
steps:
- name: "Checkout the repo"
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.docman-cache
key: prime-docman-${{ github.sha }}
restore-keys: |
prime-docman-
- name: "Login to OpenShift repository"
uses: docker/login-action@v2
with:
registry: ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}
username: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_USERNAME}}
password: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_PASSWORD}}
- name: "Get current pull request"
id: PR
uses: 8BitJonny/gh-get-current-pr@2.2.0
with:
github-token: ${{secrets.GITHUB_TOKEN}}
filterOutClosed: true
- name: "Build Document Manager image"
run: |
docker build document-manager/backend/ \
--file document-manager/backend/openshift.dockerfile \
--tag prime-document-manager \
--build-arg BUILD_LOGLEVEL=2 \
--build-arg SVC_NAME=pr-${{steps.PR.outputs.number}}
- name: "Docker tag and push Document Manager image"
run: |
docker tag prime-document-manager ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-document-manager:pr-${{steps.PR.outputs.number}}
docker push ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-document-manager:pr-${{steps.PR.outputs.number}}
build-backend:
runs-on: ubuntu-20.04
environment: Development
steps:
- name: "Checkout the repo"
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.backend-cache
key: prime-backend-${{ github.sha }}
restore-keys: |
prime-backend-
- name: "Login to OpenShift repository"
uses: docker/login-action@v2
with:
registry: ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}
username: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_USERNAME}}
password: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_PASSWORD}}
- name: "Login to RedHat container repository"
uses: docker/login-action@v2
with:
registry: ${{secrets.REDHAT_REGISTRY_URL}}
username: ${{secrets.REDHAT_REGISTRY_SERVICE_ACCOUNT_USER}}
password: ${{secrets.REDHAT_REGISTRY_SERVICE_ACCOUNT_AUTH_TOKEN}}
- name: "Get current pull request"
uses: 8BitJonny/gh-get-current-pr@2.2.0
id: PR
with:
github-token: ${{secrets.GITHUB_TOKEN}}
filterOutClosed: true
- name: "Build .NET web API image"
run: |
docker build prime-dotnet-webapi/ \
--file prime-dotnet-webapi/openshift.dockerfile \
--tag prime-webapi-backend \
--build-arg ASPNETCORE_ENVIRONMENT="Development" \
--build-arg ASPNETCORE_HTTPS_PORT=5001 \
--build-arg ASPNETCORE_URLS="http://+:8080" \
--build-arg DB_CONNECTION_STRING="host=pr-${{steps.PR.outputs.number}}-postgres-db;port=5432;database=${{secrets.PRIME_DB_USER}}-${{steps.PR.outputs.number}};username=${{secrets.PRIME_DB_USER}};password=${{secrets.PRIME_DB_PASSWORD}}" \
--build-arg DB_HOST=pr-${{steps.PR.outputs.number}}-postgres-db \
--build-arg DOTNET_CLI_HOME="/tmp/DOTNET_CLI_HOME" \
--build-arg PGPASSWORD=${{secrets.PRIME_DB_PASSWORD}} \
--build-arg POSTGRESQL_ADMIN_PASSWORD=${{secrets.PRIME_DB_PASSWORD}} \
--build-arg POSTGRESQL_DATABASE=${{secrets.PRIME_DB_USER}}-${{steps.PR.outputs.number}} \
--build-arg POSTGRESQL_USERNAME=${{secrets.PRIME_DB_USER}} \
--build-arg SVC_NAME="pr-${{steps.PR.outputs.number}}"
- name: "Docker tag and push .NET web API image"
run: |
docker tag prime-webapi-backend ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-webapi-backend:pr-${{steps.PR.outputs.number}}
docker push ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-webapi-backend:pr-${{steps.PR.outputs.number}}
build-frontend:
runs-on: ubuntu-latest
environment: Development
defaults:
run:
working-directory: prime-angular-frontend
steps:
- name: "Checkout the repo"
uses: actions/checkout@v3
- uses: actions/setup-node@v2
with:
node-version: '16.14.0'
cache: 'yarn'
cache-dependency-path: prime-angular-frontend/yarn.lock
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.frontend-cache
key: prime-frontend-${{ github.sha }}
restore-keys: |
prime-frontend-
- name: "Login to OpenShift repository"
uses: docker/login-action@v2
with:
registry: ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}
username: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_USERNAME}}
password: ${{secrets.OPENSHIFT_TOOLS_SERVICE_ACCOUNT_PASSWORD}}
- name: "Get current pull request"
uses: 8BitJonny/gh-get-current-pr@2.2.0
id: PR
with:
github-token: ${{secrets.GITHUB_TOKEN}}
filterOutClosed: true
- name: Cache dependencies
uses: actions/cache@v3
with:
path: 'prime-angular-frontend/node_modules'
key: npm-frontend-${{ hashFiles('yarn.lock') }}
restore-keys: npm-frontend-
- name: install yarn
run: npm install -g yarn
- run: yarn global add @angular/compiler-cli@16.2.12
- run: yarn global add @angular/cli@16.2.9
- name: install dependencies
run: yarn
- name: build frontend
run: yarn run build
- name: "Build Angular frontend image"
run: |
docker build . \
--file ci.dockerfile \
--tag prime-angular-frontend
- name: "Docker tag and push Angular frontend image"
run: |
docker tag prime-angular-frontend ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-frontend:pr-${{steps.PR.outputs.number}}
docker push ${{secrets.OPENSHIFT_IMAGE_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-tools/prime-frontend:pr-${{steps.PR.outputs.number}}
apply-oc-template:
runs-on: ubuntu-20.04
environment: Development
needs: [build-document-manager-backend, build-frontend, build-backend]
steps:
- name: "Use the OpenShift template"
uses: actions/checkout@v3
- name: Install OC
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.6"
- name: Authenticate and set context
uses: redhat-actions/oc-login@v1.1
with:
openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL}}
openshift_token: ${{secrets.OPENSHIFT_SERVICE_TOKEN}}
namespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{secrets.OPENSHIFT_ENVIRONMENT}}
- name: "Get current pull request"
uses: 8BitJonny/gh-get-current-pr@2.2.0
id: PR
with:
github-token: ${{secrets.GITHUB_TOKEN}}
filterOutClosed: true
- name: "Process template"
id: oc
env:
COMPOSE_DOCKER_CLI_BUILD: 1
DOCKER_BUILDKIT: 1
PR_NUMBER: ${{steps.PR.outputs.number}}
run: |
echo PR_NUMBER=$PR_NUMBER
oc process -f infrastructure/prime-app-ephemeral-template.yml \
-p ASP_ENV=Development \
-p FRONTEND_URL=pr-$PR_NUMBER \
-p IMAGE_TAG=pr-$PR_NUMBER \
-p SVC_NAME=pr-$PR_NUMBER \
-p OC_LICENSE_PLATE=${{secrets.OPENSHIFT_LICENSE_PLATE}} \
-p URL_STUB=.pharmanetenrolment.gov.bc.ca \
-p WEB_PORT=8080 \
-n ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{secrets.OPENSHIFT_ENVIRONMENT}} | oc apply -n ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{secrets.OPENSHIFT_ENVIRONMENT}} -f -