From c67c2af048e1972279147d18a052f13912c413ec Mon Sep 17 00:00:00 2001 From: ychung-mot Date: Tue, 16 Apr 2024 07:31:04 -0700 Subject: [PATCH] chore: artifactory CI/CD --- .github/workflows/build_and_push.yml | 312 +++++++++++++------------- .github/workflows/deploy-dev.yml | 276 +++++++++++------------ .github/workflows/helm-deploy-dev.yml | 8 - helm/_backend/values.yaml | 2 +- helm/_frontend/values.yaml | 2 +- helm/main/values.yaml | 4 +- 6 files changed, 297 insertions(+), 307 deletions(-) diff --git a/.github/workflows/build_and_push.yml b/.github/workflows/build_and_push.yml index 2410e9f8..f3ad6daa 100644 --- a/.github/workflows/build_and_push.yml +++ b/.github/workflows/build_and_push.yml @@ -1,156 +1,156 @@ -# name: Build and Push - -# on: -# workflow_dispatch: -# push: -# branches: -# - main -# paths-ignore: -# - database/** -# - package.json -# - package-lock.json -# - CHANGELOG.md -# - .conventional-changelog.mjs -# - .release-it.json - -# env: -# JFROG_REGISTRY: artifacts.developer.gov.bc.ca -# IMAGE_NAME_FRONTEND: sf4a-strdss/strdss-frontend -# IMAGE_NAME_BACKEND: sf4a-strdss/strdss-backend - -# jobs: -# build-backend: -# runs-on: ubuntu-22.04 -# timeout-minutes: 10 - -# steps: -# - name: Checkout Repository -# uses: actions/checkout@v4 - -# - name: Setup .NET -# uses: actions/setup-dotnet@v3 -# with: -# dotnet-version: '7.0.400' - -# - uses: actions/cache@v3 -# with: -# path: ~/.nuget/packages -# key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} -# restore-keys: | -# ${{ runner.os }}-nuget - -# - name: Setup Tools -# uses: ./.github/actions/setup-tools - -# - name: Build backend -# run: | -# pwd -# dotnet build ./server/server.sln - -# - name: Test backend -# run: dotnet test ./server/server.sln --no-build - -# # SonarQube integration for backend -# - name: SonarQube Scan Backend -# uses: sonarsource/sonarcloud-github-action@v2 -# env: -# SONAR_HOST_URL: https://sonarcloud.io -# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_TEST }} - -# build-frontend: -# runs-on: ubuntu-22.04 -# timeout-minutes: 10 -# permissions: -# contents: read -# packages: write - -# steps: -# - name: Checkout Repository -# uses: actions/checkout@v4 - -# - name: Setup Node.js -# uses: actions/setup-node@v3 -# with: -# node-version: '18' - -# - name: Install Angular CLI -# run: | -# cd ./frontend -# npm install -g @angular/cli - -# - name: Install project dependencies -# run: | -# cd ./frontend -# npm install - -# - name: Build frontend -# run: | -# cd ./frontend -# ng build --configuration=production - -# - name: Run frontend tests -# run: | -# cd ./frontend -# ng test --watch=false --progress=false --browsers=ChromeHeadless --code-coverage --source-map=false -# continue-on-error: true - -# # SonarQube integration frontend -# - name: SonarQube Scan -# uses: sonarsource/sonarcloud-github-action@v2 -# env: -# SONAR_HOST_URL: https://sonarcloud.io -# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_TEST }} - -# Docker-build-backend: -# needs: [build-backend] -# runs-on: ubuntu-22.04 -# timeout-minutes: 10 -# permissions: -# contents: read -# packages: write - -# steps: -# - uses: actions/checkout@v4 - -# - name: Setup Tools -# uses: ./.github/actions/setup-tools - -# - name: Build Docker image -# run: cd server && docker build -t strdss-backend -f Dockerfile . - -# - name: Tag Docker image -# run: docker tag strdss-backend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest - -# - name: Push Docker image to Artifactory -# run: | -# docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }} -# docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest - -# Docker-build-frontend: -# needs: [build-frontend] -# runs-on: ubuntu-22.04 -# timeout-minutes: 10 -# permissions: -# contents: read -# packages: write - -# steps: -# - uses: actions/checkout@v4 - -# - name: Setup Tools -# uses: ./.github/actions/setup-tools - -# - name: Render style_nonce -# id: render_style_nonce -# run: echo "::set-output name=style_nonce::$(echo -n ${{ github.sha }} | base64)" - -# - name: Build Docker image -# run: cd server && docker build -t strdss-frontend -f Dockerfile . - -# - name: Tag Docker image -# run: docker tag strdss-frontend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest - -# - name: Push Docker image to Artifactory -# run: | -# docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }} -# docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest \ No newline at end of file +name: Build and Push + +on: + workflow_dispatch: + push: + branches: + - main + paths-ignore: + - database/** + - package.json + - package-lock.json + - CHANGELOG.md + - .conventional-changelog.mjs + - .release-it.json + +env: + JFROG_REGISTRY: artifacts.developer.gov.bc.ca + IMAGE_NAME_FRONTEND: sf4a-strdss/strdss-frontend + IMAGE_NAME_BACKEND: sf4a-strdss/strdss-backend + +jobs: + build-backend: + runs-on: ubuntu-22.04 + timeout-minutes: 10 + + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '7.0.400' + + - uses: actions/cache@v3 + with: + path: ~/.nuget/packages + key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} + restore-keys: | + ${{ runner.os }}-nuget + + - name: Setup Tools + uses: ./.github/actions/setup-tools + + - name: Build backend + run: | + pwd + dotnet build ./server/server.sln + + - name: Test backend + run: dotnet test ./server/server.sln --no-build + + # SonarQube integration for backend + - name: SonarQube Scan Backend + uses: sonarsource/sonarcloud-github-action@v2 + env: + SONAR_HOST_URL: https://sonarcloud.io + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_TEST }} + + build-frontend: + runs-on: ubuntu-22.04 + timeout-minutes: 10 + permissions: + contents: read + packages: write + + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: '18' + + - name: Install Angular CLI + run: | + cd ./frontend + npm install -g @angular/cli + + - name: Install project dependencies + run: | + cd ./frontend + npm install + + - name: Build frontend + run: | + cd ./frontend + ng build --configuration=production + + - name: Run frontend tests + run: | + cd ./frontend + ng test --watch=false --progress=false --browsers=ChromeHeadless --code-coverage --source-map=false + continue-on-error: true + + # SonarQube integration frontend + - name: SonarQube Scan + uses: sonarsource/sonarcloud-github-action@v2 + env: + SONAR_HOST_URL: https://sonarcloud.io + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_TEST }} + + Docker-build-backend: + needs: [build-backend] + runs-on: ubuntu-22.04 + timeout-minutes: 10 + permissions: + contents: read + packages: write + + steps: + - uses: actions/checkout@v4 + + - name: Setup Tools + uses: ./.github/actions/setup-tools + + - name: Build Docker image + run: cd server && docker build -t strdss-backend -f Dockerfile . + + - name: Tag Docker image + run: docker tag strdss-backend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest + + - name: Push Docker image to Artifactory + run: | + docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }} + docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:latest + + Docker-build-frontend: + needs: [build-frontend] + runs-on: ubuntu-22.04 + timeout-minutes: 10 + permissions: + contents: read + packages: write + + steps: + - uses: actions/checkout@v4 + + - name: Setup Tools + uses: ./.github/actions/setup-tools + + - name: Render style_nonce + id: render_style_nonce + run: echo "::set-output name=style_nonce::$(echo -n ${{ github.sha }} | base64)" + + - name: Build Docker image + run: cd server && docker build -t strdss-frontend -f Dockerfile . + + - name: Tag Docker image + run: docker tag strdss-frontend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest + + - name: Push Docker image to Artifactory + run: | + docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }} + docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:latest \ No newline at end of file diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index eaa2f6ff..6dc74ac6 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -1,138 +1,138 @@ -name: Deploy Dev Environment - -on: - push: - branches: - - main - paths-ignore: - - database/** - - package.json - - package-lock.json - - CHANGELOG.md - - .conventional-changelog.mjs - - .release-it.json - -env: - GITHUB_REGISTRY: ghcr.io - IMAGE_NAME_FRONTEND: bcgov/strdss-frontend - IMAGE_NAME_BACKEND: bcgov/strdss-backend - -jobs: - test-backend: - runs-on: ubuntu-22.04 - timeout-minutes: 10 - - steps: - - name: Checkout Repository - uses: actions/checkout@v4 - - - name: Setup .NET - uses: actions/setup-dotnet@v3 - with: - dotnet-version: '7.0.400' - - - uses: actions/cache@v3 - with: - path: ~/.nuget/packages - # Look to see if there is a cache hit for the corresponding requirements file - key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} - restore-keys: | - ${{ runner.os }}-nuget - - - name: Build - run: | - pwd - dotnet build ./server/server.sln - - - name: Test - run: dotnet test ./server/server.sln --no-build - - build-frontend: - needs: [test-backend] - runs-on: ubuntu-22.04 - timeout-minutes: 10 - permissions: - contents: read - packages: write - - steps: - - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a - - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 - - - name: Setup Tools - uses: ./.github/actions/setup-tools - - - name: Build and Push - uses: egose/actions/docker-build-push@04830c07edee3c552f2c5a0330a674ff0d366c66 - with: - registry-url: ${{ env.GITHUB_REGISTRY }} - registry-username: ${{ github.actor }} - registry-password: ${{ secrets.GITHUB_TOKEN }} - image-name: ${{ env.IMAGE_NAME_FRONTEND }} - docker-context: frontend - docker-file: frontend/Dockerfile - docker-args: | - generate_sourcemap=true - metadata-tags: | - type=ref,event=branch - type=sha,format=long,prefix=,suffix= - - build-backend: - needs: [test-backend] - runs-on: ubuntu-22.04 - timeout-minutes: 10 - permissions: - contents: read - packages: write - - steps: - - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a - - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 - - - name: Setup Tools - uses: ./.github/actions/setup-tools - - - name: Build and Push - uses: egose/actions/docker-build-push@04830c07edee3c552f2c5a0330a674ff0d366c66 - with: - registry-url: ${{ env.GITHUB_REGISTRY }} - registry-username: ${{ github.actor }} - registry-password: ${{ secrets.GITHUB_TOKEN }} - image-name: ${{ env.IMAGE_NAME_BACKEND }} - docker-context: server - docker-file: server/Dockerfile - metadata-tags: | - type=ref,event=branch - type=sha,format=long,prefix=,suffix= - - deploy: - needs: [build-frontend, build-backend] - runs-on: ubuntu-22.04 - timeout-minutes: 5 - permissions: - contents: read - environment: - name: dev - url: https://dev-strdata.apps.silver.devops.gov.bc.ca/ - - steps: - - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a - - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 - - - name: Authenticate and set context - uses: redhat-actions/oc-login@9b79eb6d8ec51bce42cb4e77f0a174fc80cf3cb9 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} - openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} - namespace: f4a30d-dev - insecure_skip_tls_verify: true - - - name: Deploy apps with Helm chart - run: | - make upgrade \ - NAMESPACE=f4a30d-dev \ - NAME=strdss-dev \ - ENV_NAME=dev \ - IMAGE_TAG_FRONTEND=${{ github.sha }} \ - IMAGE_TAG_BACKEND=${{ github.sha }} \ - working-directory: ./helm/main +# name: Deploy Dev Environment + +# on: +# push: +# branches: +# - main +# paths-ignore: +# - database/** +# - package.json +# - package-lock.json +# - CHANGELOG.md +# - .conventional-changelog.mjs +# - .release-it.json + +# env: +# GITHUB_REGISTRY: ghcr.io +# IMAGE_NAME_FRONTEND: bcgov/strdss-frontend +# IMAGE_NAME_BACKEND: bcgov/strdss-backend + +# jobs: +# test-backend: +# runs-on: ubuntu-22.04 +# timeout-minutes: 10 + +# steps: +# - name: Checkout Repository +# uses: actions/checkout@v4 + +# - name: Setup .NET +# uses: actions/setup-dotnet@v3 +# with: +# dotnet-version: '7.0.400' + +# - uses: actions/cache@v3 +# with: +# path: ~/.nuget/packages +# # Look to see if there is a cache hit for the corresponding requirements file +# key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} +# restore-keys: | +# ${{ runner.os }}-nuget + +# - name: Build +# run: | +# pwd +# dotnet build ./server/server.sln + +# - name: Test +# run: dotnet test ./server/server.sln --no-build + +# build-frontend: +# needs: [test-backend] +# runs-on: ubuntu-22.04 +# timeout-minutes: 10 +# permissions: +# contents: read +# packages: write + +# steps: +# - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a +# - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 + +# - name: Setup Tools +# uses: ./.github/actions/setup-tools + +# - name: Build and Push +# uses: egose/actions/docker-build-push@04830c07edee3c552f2c5a0330a674ff0d366c66 +# with: +# registry-url: ${{ env.GITHUB_REGISTRY }} +# registry-username: ${{ github.actor }} +# registry-password: ${{ secrets.GITHUB_TOKEN }} +# image-name: ${{ env.IMAGE_NAME_FRONTEND }} +# docker-context: frontend +# docker-file: frontend/Dockerfile +# docker-args: | +# generate_sourcemap=true +# metadata-tags: | +# type=ref,event=branch +# type=sha,format=long,prefix=,suffix= + +# build-backend: +# needs: [test-backend] +# runs-on: ubuntu-22.04 +# timeout-minutes: 10 +# permissions: +# contents: read +# packages: write + +# steps: +# - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a +# - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 + +# - name: Setup Tools +# uses: ./.github/actions/setup-tools + +# - name: Build and Push +# uses: egose/actions/docker-build-push@04830c07edee3c552f2c5a0330a674ff0d366c66 +# with: +# registry-url: ${{ env.GITHUB_REGISTRY }} +# registry-username: ${{ github.actor }} +# registry-password: ${{ secrets.GITHUB_TOKEN }} +# image-name: ${{ env.IMAGE_NAME_BACKEND }} +# docker-context: server +# docker-file: server/Dockerfile +# metadata-tags: | +# type=ref,event=branch +# type=sha,format=long,prefix=,suffix= + +# deploy: +# needs: [build-frontend, build-backend] +# runs-on: ubuntu-22.04 +# timeout-minutes: 5 +# permissions: +# contents: read +# environment: +# name: dev +# url: https://dev-strdata.apps.silver.devops.gov.bc.ca/ + +# steps: +# - uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a +# - uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5 + +# - name: Authenticate and set context +# uses: redhat-actions/oc-login@9b79eb6d8ec51bce42cb4e77f0a174fc80cf3cb9 +# with: +# openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} +# openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} +# namespace: f4a30d-dev +# insecure_skip_tls_verify: true + +# - name: Deploy apps with Helm chart +# run: | +# make upgrade \ +# NAMESPACE=f4a30d-dev \ +# NAME=strdss-dev \ +# ENV_NAME=dev \ +# IMAGE_TAG_FRONTEND=${{ github.sha }} \ +# IMAGE_TAG_BACKEND=${{ github.sha }} \ +# working-directory: ./helm/main diff --git a/.github/workflows/helm-deploy-dev.yml b/.github/workflows/helm-deploy-dev.yml index ebe6ae15..2806fa32 100644 --- a/.github/workflows/helm-deploy-dev.yml +++ b/.github/workflows/helm-deploy-dev.yml @@ -32,16 +32,8 @@ jobs: namespace: f4a30d-dev insecure_skip_tls_verify: true - - name: Log in to JFrog Artifactory - uses: docker/login-action@v1 - with: - registry: artifacts.developer.gov.bc.ca - username: ${{ secrets.JFROG_USERNAME }} - password: ${{ secrets.JFROG_PASSWORD }} - - name: Deploy apps with Helm chart run: | - docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }} make upgrade \ NAMESPACE=f4a30d-dev \ NAME=strdss-dev \ diff --git a/helm/_backend/values.yaml b/helm/_backend/values.yaml index dd518411..49b9454a 100644 --- a/helm/_backend/values.yaml +++ b/helm/_backend/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: - repository: ghcr.io/bcgov/strdss-backend + repository: artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend tag: latest pullPolicy: Always diff --git a/helm/_frontend/values.yaml b/helm/_frontend/values.yaml index 74726d01..331a852f 100644 --- a/helm/_frontend/values.yaml +++ b/helm/_frontend/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: - repository: ghcr.io/bcgov/strdss-frontend + repository: artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend tag: latest pullPolicy: Always diff --git a/helm/main/values.yaml b/helm/main/values.yaml index 9983135c..758618c3 100644 --- a/helm/main/values.yaml +++ b/helm/main/values.yaml @@ -1,4 +1,2 @@ global: - licensePlate: f4a30d - imagePullSecrets: - - name: gh-registry-config \ No newline at end of file + licensePlate: f4a30d \ No newline at end of file