CI-CD Release Test to UAT #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI-CD Release Test to UAT | |
env: | |
OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} | |
# service account: gitaction | |
OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} | |
OPENSHIFT_TOOLS_NAMESPACE: "3cd915-tools" | |
MS_TEAMS_WEBHOOK_BUILD_CHANNEL: ${{ secrets.MS_TEAMS_WEBHOOK_URI_BUILD_CHANNEL }} | |
AUTH__KEYCLOAK__SECRET: ${{ secrets.KEYCLOAK_SECRET_UAT }} | |
AUTH__KEYCLOAK__SERVICEACCOUNT__SECRET: ${{ secrets.KEYCLOAK_SERVICEACCOUNT_SECRET }} | |
sync-directory: ./tools/keycloak/sync | |
## variables for scripts under git\openshift\4.0\scripts\oc-*.sh | |
APP_PORT: 8080 | |
DESTINATION: "uat" | |
OC_JOB_NAME: "uat" | |
GIT_URL: "${{github.server_url}}/${{github.repository}}" | |
GIT_BRANCH: "${{github.ref}}" | |
APP_NAME: "pims" | |
PROJ_PREFIX: "3cd915" | |
PROJ_TOOLS: "3cd915-tools" | |
PROJ_DEV: "dev" | |
PROJ_TEST: "test" | |
PROJ_PROD: "prod" | |
TAG_DEV: "dev" | |
TAG_TEST: "test" | |
TAG_PROD: "prod" | |
INSTANCE: "-uat" | |
NAMESPACE_OVERRIDE: "3cd915-test" | |
RELEASE_TAG: "test" | |
on: workflow_dispatch | |
jobs: | |
ci-cd-start-notification: | |
name: CI-CD Start Notification to Teams Channel | |
runs-on: ubuntu-latest | |
steps: | |
- name: Start notification to Teams Channel | |
uses: dragos-cojocari/[email protected] | |
with: | |
github-token: ${{ github.token }} | |
ms-teams-webhook-uri: ${{ env.MS_TEAMS_WEBHOOK_BUILD_CHANNEL }} | |
notification-summary: PIMS Release DEV to TST Started | |
notification-color: 17a2b8 | |
timezone: America/Los_Angeles | |
deploy: | |
name: Retag/Deploy frontend and api to OpenShift | |
needs: ci-cd-start-notification | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Source Code | |
uses: actions/checkout@v3 | |
- name: Login to OpenShift | |
uses: redhat-actions/oc-login@v1 | |
with: | |
openshift_server_url: ${{ env.OPENSHIFT_SERVER }} | |
openshift_token: ${{ env.OPENSHIFT_TOKEN }} | |
insecure_skip_tls_verify: true | |
namespace: ${{ env.OPENSHIFT_TOOLS_NAMESPACE }} | |
- name: call scripts to deploy api and frontend | |
run: | | |
./openshift/4.0/player.sh deploy api $DESTINATION -apply | |
./openshift/4.0/player.sh deploy app $DESTINATION -apply | |
# the command: | |
# 1) creates an openshift job with generated name to avoid name conflict, substituting the variables in the template. | |
# 2) greps the generated name from the previous step. | |
# 3) waits for the job to complete using the generated name. | |
database-upgrade: | |
name: Upgrade database | |
needs: [deploy] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Source Code | |
uses: actions/checkout@v3 | |
- name: Login to OpenShift | |
uses: redhat-actions/oc-login@v1 | |
with: | |
openshift_server_url: ${{ env.OPENSHIFT_SERVER }} | |
openshift_token: ${{ env.OPENSHIFT_TOKEN }} | |
insecure_skip_tls_verify: true | |
namespace: 3cd915-test | |
- name: call scripts to upgrade database | |
shell: bash | |
run: | | |
oc process -f ./openshift/4.0/templates/jobs/db-deploy.yaml -p DB_SECRET_NAME=pims-database -p GIT_BRANCH=test -p SERVER_NAME=sqlprd.th.gov.bc.ca -p DB_NAME=PIMS_UAT -p NAMESPACE=3cd915-test | oc create -f - | grep -oP "(?<=job\.batch/)[^\s]*" | (read JOB_NAME; oc wait --for=condition=complete job/$JOB_NAME --timeout=120s) | |
sync-keycloak: | |
name: Sync Keycloak | |
needs: database-upgrade | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Source Code | |
uses: actions/checkout@v3 | |
- name: Setup .NET 6 | |
uses: actions/setup-dotnet@v2 | |
with: | |
dotnet-version: "6.0.x" | |
- name: Install dependencies for keycloak sync | |
run: dotnet restore | |
working-directory: ${{env.sync-directory}} | |
- name: Build keycloak sync | |
run: dotnet build | |
working-directory: ${{env.sync-directory}} | |
- name: Start keycloak sync | |
run: dotnet run | |
working-directory: ${{env.sync-directory}} | |
ci-cd-end-notification: | |
name: CI-CD End Notification to Teams Channel | |
runs-on: ubuntu-latest | |
needs: sync-keycloak | |
steps: | |
- name: check workflow status | |
uses: martialonline/workflow-status@v4 | |
id: check | |
- name: End notification to Teams Channel | |
uses: dragos-cojocari/[email protected] | |
with: | |
github-token: ${{ github.token }} | |
ms-teams-webhook-uri: ${{ env.MS_TEAMS_WEBHOOK_BUILD_CHANNEL }} | |
notification-summary: PIMS Release TEST to UAT COMPLETED with status ${{ steps.check.outputs.status }} | |
notification-color: 17a2b8 | |
timezone: America/Los_Angeles |