Skip to content

bcgov/nr-soils-relocation

Repository files navigation

Lifecycle:Experimental

Soil Relocation Information System

This is a mapping application providing high-volume receiving site registration to Indigenous Nations, municipalities and other interested parties. Subscribe for notifications in your area!

Process

  1. BC users in BC submit soil relocation information using a CHEFS form (link coming soon)

  2. This script is run on a schedule

  3. Data from CHEFS forms is uploaded to ArcGIS Online (AGOL) and soil movement subscribers are notified

  4. This information is displayed in the frontend, which is be made public soon

Technical

The Project uses OpenShift CronJobs

The template is here

The workflow file for build and deploy is here.

GitHub secrets are passed as environment variables through a configmap.

The CHES API Key is generated from Postman, by providing the username(client_id) and (client_secret). That populates as environment variable(CHES_API_OAUTH_SECRET) in the pipeline.

Cronjob times are in UTC, like the OpenShift servers.

OpenShift Deployment

NOTE: This application is the middle layer between CHEFS forms and AGOL, neither of which offer non-PROD environments. Once our application hits production and becomes publicly available this approach will be revisited.

  1. Clone this repository and make changes in feature branches (e.g. feat/abc). Submit changes in Pull Requests against the main branch.

  2. Once the code is reviewed and approved, merge it to main branch.

  3. Now the code can be deployed to TEST/PROD environments.

    1. PROD Deployment
      1. Go to the Actions tab, click on Build And Add Job to Openshift Prod and trigger a build

        1. Provide a unique tag number. Check the releases/tags and increment accordingly
        2. Please make sure you are only entering the number without the release prefix, if the latest release shows release/1.0.0, your input should be 1.0.1
        3. Click on Run workflow button
      2. The workflow will:

        1. Build and push a container image to the GitHub Container Registry (GHCR.io), tagged with the release you provided

        2. Create the matching GitHub release/tag

        3. Deploy code and configmap changes to OpenShift

      3. A cronjob will be deployed in the PROD environment using the new image

    2. TEST Deployment
      1. Go to the Actions tab, click on Build And Add Job to Openshift Test and trigger the job. The workflow will, do the following:

        1. Build and push a container image to the GitHub Container Registry (GHCR.io), tagged with latest
        2. Deploy code and configmap changes to OpenShift, reading from github test environment
        3. A cronjob will be deployed in the PROD environment using the new image
  4. Environment variables are supplied to the container through the configmap using GitHub Secrets

  5. Environment varialbes must be updated only through GitHub Secrets, our source of truth

  6. The cronjob is scheduled to run daily at 8 AM UTC (1AM PDT)

  7. Cronjobs can be triggered manually, usually for testing, with the One-Time Job steps below

One-Time Job

Sometimes waiting for a scheduled cronjob is not practical. These steps explain how to run a one-time job.

  1. Visit the appropriate OpenShift console

  2. Copy the spec.spec.containers section of the cronjob template, including the container's TAG

  3. Go to Jobs menu in the same namespace and click Create Job, located on the right hand side

  4. Populate the job, and below, and click Create

    1. Name: sris-1-of-job-$name, using your own name for $name

    2. Containers: using the code copied in step 2, above

  5. Verify that a new container is running your new job

  6. Finally, delete this and any other completed jobs

Adding GitHub Secret as configmap entry to the job.

  1. Create a new GitHub secret in the repository
  2. Modify/update two places in the workflow file located here .github/workflows/ci-openshift-prod.yaml.
    1. Add the secret as env variable ENV_VAR_NAME=${{ secrets.SECRET_NAME }}, ex: https://github.com/bcgov/nr-soils-relocation/blob/main/.github/workflows/ci-openshift-prod.yaml#L25
    2. Pass the env variable as a parameter to the job deployment template `-p CONFIG_NAME=${{env.ENV_VAR__NAME}}, ex: https://github.com/bcgov/nr-soils-relocation/blob/main/.github/workflows/ci-openshift-prod.yaml#L94
  3. Add the corresponding entry into the openshift deploy at 2 places, file located here openshift/sris-schedule-job.yml
    1. The parameter ,it should have the same name as in the config name in step 2.2 , ex: https://github.com/bcgov/nr-soils-relocation/blob/main/openshift/sris-schedule-job.yml#L25
    2. Then the parameter is added as a config map, ex: https://github.com/bcgov/nr-soils-relocation/blob/main/openshift/sris-schedule-job.yml#L89
  4. Once this is completed. the new secret is now available as configmap entry to the job.