generated from bcgov/quickstart-openshift
-
Notifications
You must be signed in to change notification settings - Fork 0
133 lines (126 loc) · 4.83 KB
/
.deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: .Deploys
on:
workflow_call:
inputs:
### Required
# Nothing! Only `secrets: inherit` is required
### Typical / recommended
allowed_origins:
description: Allowed origins for CORS
required: false
type: string
environment:
description: GitHub/OpenShift environment; usually PR number, test or prod
default: ''
required: false
type: string
tag:
description: Container tag; usually PR number
default: ${{ github.event.number }}
required: false
type: string
target:
description: Deployment target; usually PR number, test or prod
default: ${{ github.event.number }}
required: false
type: string
outputs:
run_tests:
description: Run Cypress tests if the core apps have changed (excludes sync)
value: ${{ jobs.init.outputs.deploy_core }}
jobs:
init:
name: Deploy (init)
environment: ${{ inputs.environment }}
outputs:
allowed_origins: ${{ steps.allowed_origins.outputs.allowed_origins }}
route: ${{ steps.route.outputs.route }}
runs-on: ubuntu-latest
steps:
- name: FAM routing
id: route
run: |
if [ ${{ github.event_name }} == 'pull_request' ]; then
echo "route=$(( ${{ inputs.target }} % 50 ))" >> $GITHUB_OUTPUT
else
echo "route=${{ inputs.target }}" >> $GITHUB_OUTPUT
fi
- name: ALLOWED_ORIGINS
id: allowed_origins
run: |
# If not set, use default routes
if [ -z ${{ inputs.allowed_origins }} ]; then
echo "allowed_origins=https://${{ github.event.repository.name }}-$(( ${{ github.event.number }} % 50 ))-frontend.apps.silver.devops.gov.bc.ca" >> $GITHUB_OUTPUT
else
echo "allowed_origins=${{ inputs.allowed_origins }}" >> $GITHUB_OUTPUT
fi
- name: OpenShift Init
uses: bcgov-nr/action-deployer-openshift@v3.0.1
with:
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
file: common/openshift.init.yml
overwrite: true
parameters:
-p ZONE=${{ inputs.target }}
-p ORACLE_DB_USER=${{ secrets.DB_USER }}
-p ORACLE_DB_PASSWORD='${{ secrets.ORACLE_DB_PASSWORD }}'
-p ORACLE_DB_HOST='${{ secrets.ORACLE_DB_HOST }}'
-p ORACLE_DB_SERVICE='${{ secrets.ORACLE_DB_SERVICE }}'
-p POSTGRES_DB_PASSWORD='${{ secrets.POSTGRES_DB_PASSWORD }}'
-p FORESTCLIENTAPI_KEY='${{ secrets.FORESTCLIENTAPI_KEY }}'
-p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }}
-p VITE_USER_POOLS_ID=${{ vars.VITE_USER_POOLS_ID }}
triggers: ${{ github.event_name == 'pull_request' && '(backend common/ frontend/)' || '' }}
deploy:
name: Deploy
environment: ${{ inputs.environment }}
needs: [init]
runs-on: ubuntu-latest
timeout-minutes: 15
strategy:
matrix:
name: [database, backend, frontend]
include:
- name: database
file: common/openshift.database.yml
parameters:
-p DB_PVC_SIZE=128Mi
overwrite: false
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
parameters:
-p MAX_REPLICAS=1
-p MIN_REPLICAS=1
-p DB_POOL_MAX_SIZE=1
-p AWS_COGNITO_ISSUER_URI=https://cognito-idp.${{ vars.AWS_REGION }}.amazonaws.com/${{ vars.VITE_USER_POOLS_ID }}
-p DASHBOARD_JOB_IDIR_USERS=${{ vars.DASHBOARD_JOB_IDIR_USERS }}
-p WMS_LAYERS_WHITELIST_USERS=${{ vars.WMS_LAYERS_WHITELIST_USERS }}
-p ALLOWED_ORIGINS=${{ needs.init.outputs.allowed_origins }}
verification_path: /actuator/health
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
parameters:
-p MIN_REPLICAS=1
-p MAX_REPLICAS=1
-p FAM_ROUTE=${{ needs.init.outputs.route }}
steps:
- uses: bcgov-nr/action-deployer-openshift@v3.0.1
id: deploys
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=${{ inputs.target }} -p TAG=${{ inputs.tag }}
${{ matrix.parameters }}
timeout: 15m
triggers: ${{ github.event_name == 'pull_request' && '(backend common/ frontend/)' || '' }}
verification_path: ${{ matrix.verification_path }}
verification_retry_attempts: 5
verification_retry_seconds: 20