diff --git a/.github/workflows/pay-api-cd-gcp.yml b/.github/workflows/pay-api-cd-gcp.yml index a5fe4c8dc..b33b75ff0 100644 --- a/.github/workflows/pay-api-cd-gcp.yml +++ b/.github/workflows/pay-api-cd-gcp.yml @@ -1,9 +1,9 @@ -name: Pay API CD +name: Pay API CD GCP on: push: branches: - - feature-queue-python-upgrade + - feature-gcp paths: - "pay-api/**" workflow_dispatch: @@ -27,4 +27,4 @@ jobs: working_directory: "./pay-api" secrets: WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }} - GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} \ No newline at end of file + GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} diff --git a/.github/workflows/pay-queue-gcp-cd.yml b/.github/workflows/pay-queue-gcp-cd.yml index 73e2b0518..b66871c61 100644 --- a/.github/workflows/pay-queue-gcp-cd.yml +++ b/.github/workflows/pay-queue-gcp-cd.yml @@ -1,10 +1,9 @@ -name: Pay Queue CD +name: Pay Queue CD GCP on: push: branches: - - main - - feature* + - feature-gcp paths: - "pay-queue/**" - "pay-api/src/pay_api/models/**" @@ -30,4 +29,4 @@ jobs: working_directory: "./pay-queue" secrets: WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }} - GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} \ No newline at end of file + GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} diff --git a/.github/workflows/payment-jobs-cd-gcp.yml b/.github/workflows/payment-jobs-cd-gcp.yml new file mode 100644 index 000000000..ea77e4190 --- /dev/null +++ b/.github/workflows/payment-jobs-cd-gcp.yml @@ -0,0 +1,32 @@ +name: Payment Jobs CD GCP + +on: + push: + branches: + - feature-gcp + paths: + - "jobs/payment-jobs/**" + - "pay-api/src/pay_api/models/**" + - "pay-api/src/pay_api/services/cfs_service.py" + workflow_dispatch: + inputs: + target: + description: "Deploy To" + required: true + type: choice + options: + - dev + - test + - sandbox + - prod + +jobs: + payment-jobs-cd: + uses: bcgov/bcregistry-sre/.github/workflows/cloud-run-job-cd.yaml@main + with: + target: ${{ inputs.target }} + app_name: "payment-jobs" + working_directory: "./jobs/payment-jobs" + secrets: + WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }} + GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} diff --git a/.github/workflows/payment-jobs-cd.yml b/.github/workflows/payment-jobs-cd.yml index 467f61096..33d7a921f 100644 --- a/.github/workflows/payment-jobs-cd.yml +++ b/.github/workflows/payment-jobs-cd.yml @@ -4,30 +4,112 @@ on: push: branches: - main - - feature* paths: - "jobs/payment-jobs/**" - "pay-api/src/pay_api/models/**" - "pay-api/src/pay_api/services/cfs_service.py" workflow_dispatch: inputs: - target: - description: "Deploy To" + environment: + description: "Environment (dev/test/prod)" required: true - type: choice - options: - - dev - - test - - sandbox - - prod + default: "dev" + +defaults: + run: + shell: bash + working-directory: ./jobs/payment-jobs + +env: + APP_NAME: "payment-job" + TAG_NAME: "dev" jobs: - payment-jobs-cd: - uses: bcgov/bcregistry-sre/.github/workflows/cloud-run-job-cd.yaml@main - with: - target: ${{ inputs.target }} - app_name: "payment-jobs" - working_directory: "./jobs/payment-jobs" - secrets: - WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }} - GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }} + payment-jobs-cd-by-push: + runs-on: ubuntu-20.04 + + if: github.event_name == 'push' && github.repository == 'bcgov/sbc-pay' + environment: + name: "dev" + + steps: + - uses: actions/checkout@v3 + + - name: Login Openshift + shell: bash + run: | + oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}} + + - name: CD Flow + shell: bash + env: + OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }} + OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }} + OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }} + OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }} + OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }} + TAG_NAME: ${{ env.TAG_NAME }} + run: | + make cd + + - name: Watch new rollout (trigger by image change in Openshift) + shell: bash + run: | + oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w + + - name: Rocket.Chat Notification + uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master + if: failure() + with: + type: ${{ job.status }} + job_name: "*Payment Job Built and Deployed to ${{env.TAG_NAME}}*" + channel: "#registries-bot" + url: ${{ secrets.ROCKETCHAT_WEBHOOK }} + commit: true + token: ${{ secrets.GITHUB_TOKEN }} + + payment-jobs-cd-by-dispatch: + runs-on: ubuntu-20.04 + + if: github.event_name == 'workflow_dispatch' && github.repository == 'bcgov/sbc-pay' + environment: + name: "${{ github.event.inputs.environment }}" + + steps: + - uses: actions/checkout@v3 + - name: Set env by input + run: | + echo "TAG_NAME=${{ github.event.inputs.environment }}" >> $GITHUB_ENV + + - name: Login Openshift + shell: bash + run: | + oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}} + + - name: CD Flow + shell: bash + env: + OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }} + OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }} + OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }} + OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }} + OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }} + TAG_NAME: ${{ env.TAG_NAME }} + run: | + make cd + + - name: Watch new rollout (trigger by image change in Openshift) + shell: bash + run: | + oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w + + - name: Rocket.Chat Notification + uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master + if: failure() + with: + type: ${{ job.status }} + job_name: "*Payment Job Built and Deployed to ${{env.TAG_NAME}}*" + channel: "#registries-bot" + url: ${{ secrets.ROCKETCHAT_WEBHOOK }} + commit: true + token: ${{ secrets.GITHUB_TOKEN }}