diff --git a/.github/workflows/aro-hcp-dev-env-cd.yml b/.github/workflows/aro-hcp-dev-env-cd.yml index ac68b8897..3afff38d7 100644 --- a/.github/workflows/aro-hcp-dev-env-cd.yml +++ b/.github/workflows/aro-hcp-dev-env-cd.yml @@ -1,5 +1,5 @@ --- - name: ARO HCP Dev Environment Continuous Deployment + name: ARO HCP Continuous Deployment env: DEPLOY_ENV: dev SKIP_CONFIRM: true @@ -37,6 +37,7 @@ jobs: is_running_on_fork: + name: 'Ensure PR is submitted from Azure/ARO-HCP' if: github.event_name != 'workflow_dispatch' runs-on: ubuntu-latest steps: @@ -45,10 +46,13 @@ run: core.setFailed('Expected source repository to be Azure/ARO-HCP, re-create PR as a branch of Azure/ARO-HCP') deploy_global_rg: - #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + name: 'Deploy global resources' + # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' permissions: id-token: 'write' contents: 'read' + env: + DEPLOY_ENV: dev runs-on: 'ubuntu-latest' steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -73,12 +77,15 @@ make acr acr-svc acr-ocp deploy_image_sync_rg: + name: 'Deploy Image Sync' #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' needs: - deploy_global_rg permissions: id-token: 'write' contents: 'read' + env: + DEPLOY_ENV: dev runs-on: 'ubuntu-latest' steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -100,357 +107,69 @@ cd dev-infrastructure/ make imagesync - deploy_region_rg: - #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - permissions: - id-token: 'write' - contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: 'Az CLI login' - uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: 'Deploy' - run: | - cd dev-infrastructure/ - make region metrics-infra - - deploy_service_cluster_rg: - #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - needs: - - deploy_region_rg + service_ci: + name: 'Build service images' permissions: id-token: 'write' contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: 'Az CLI login' - uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" + secrets: inherit + uses: ./.github/workflows/services-ci.yml + with: + push: ${{ github.event.pull_request.merged == true }} - - name: 'Deploy' - run: | - cd dev-infrastructure/ - PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc svc.aks.admin-access svc.enable-aks-metrics - - # grant GH action user access to resources - # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc.dev-role-assignments - - deploy_management_cluster_rg: - #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - needs: - - deploy_region_rg - permissions: - id-token: 'write' - contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: 'Az CLI login' - uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: 'Deploy or Update' - run: | - cd dev-infrastructure/ - PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics - - build_push_frontend: - needs: - - deploy_global_rg - permissions: - id-token: 'write' - contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: Build frontend container image - run: | - cd frontend/ - make image - - - name: 'Az CLI login' - #if: github.event.pull_request.merged == true - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: Push frontend container image - if: github.event.pull_request.merged == true - run: | - cd frontend/ - make push - - build_push_backend: - needs: - - deploy_global_rg - permissions: - id-token: 'write' - contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: Build backend container image - run: | - cd backend/ - make image - - - name: 'Az CLI login' - #if: github.event.pull_request.merged == true - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: Push backend container image - #if: github.event.pull_request.merged == true - run: | - cd backend/ - make push - - build_push_ocmirror: - permissions: - id-token: 'write' - contents: 'read' - needs: - - deploy_global_rg - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: Build oc-mirror container image - run: | - cd image-sync/oc-mirror - make image - - - name: 'Az CLI login' - #if: github.event.pull_request.merged == true - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: Push oc-mirror container image - #if: github.event.pull_request.merged == true - run: | - cd image-sync/oc-mirror - make push - - build_push_imagesync: - permissions: - id-token: 'write' - contents: 'read' + deploy_dev_environment_infra: + name: 'Deploy integrated DEV infrastructure' + # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' needs: - deploy_global_rg - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - name: Build image-sync container image - run: | - cd tooling/image-sync - make image - - - name: 'Az CLI login' - #if: github.event.pull_request.merged == true - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: Push image-sync container image - #if: github.event.pull_request.merged == true - run: | - cd tooling/image-sync - make push - - deploy_to_service_cluster: - #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - needs: - - build_push_frontend - - build_push_backend - - build_push_imagesync - - build_push_ocmirror - - deploy_service_cluster_rg permissions: id-token: 'write' contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: 'Az CLI login' - uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0 - - # Used to deploy Cluster Service - - name: 'Install oc' - run: | - curl -sfLo - https://mirror.openshift.com/pub/openshift-v4/clients/ocp/4.15.9/openshift-client-linux.tar.gz | tar xzf - - sudo mv oc /usr/local/bin/oc - chmod +x /usr/local/bin/oc - - # Used to deploy Maestro Server, Frontend - - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 - with: - version: 'v3.13.3' + secrets: inherit + uses: ./.github/workflows/environment-infra-cd.yml + with: + deploy_env: dev - - uses: azure/use-kubelogin@76597ae0fcbaace21b05e13a2cbf8daee2c6e820 # v1.2 - with: - kubelogin-version: 'v0.1.3' - - # Prepare kubeconfig - - name: 'Prepare kubeconfig' - run: | - cd dev-infrastructure/ - make svc.aks.kubeconfig - - - name: 'Deploy Istio Configuration' - run: | - make isto.deploy - - - name: 'Deploy Frontend' - run: | - make rp.frontend.deploy - - - name: 'Deploy Backend' - run: | - make rp.backend.deploy - - - name: 'Deploy Cluster Service' - run: | - make cs.deploy - - - name: 'Deploy Maestro' - run: | - make maestro.server.deploy maestro.registration.deploy - - - name: 'Deploy Image Sync' - run: | - make imagesync.deploy - - - name: 'Deploy Prometheus Config' - run: | - make metrics.deploy - - deploy_to_management_cluster: + deploy_dev_environment_services: + name: 'Deploy services to integrated DEV' # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' needs: - - deploy_management_cluster_rg + - service_ci + - deploy_dev_environment_infra permissions: id-token: 'write' contents: 'read' - runs-on: 'ubuntu-latest' - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 1 - - - name: 'Az CLI login' - uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: "install azure-cli" - uses: "Azure/ARO-HCP@main" - - - uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0 - - - uses: azure/use-kubelogin@76597ae0fcbaace21b05e13a2cbf8daee2c6e820 # v1.2 - with: - kubelogin-version: 'v0.1.3' - - - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 - with: - version: 'v3.13.3' - - # Prepare kubeconfig - - name: 'Prepare kubeconfig' - run: | - cd dev-infrastructure/ - make mgmt.aks.kubeconfig - - - name: 'Deploy PKO' - run: | - make pko.deploy - - - name: 'Deploy ACM' - run: | - make acm.deploy - - - name: 'Deploy Maestro Agent' - run: | - make maestro.agent.deploy - - - name: 'Deploy Hypershift Operator and External DNS Operator' - run: | - make hypershift.deploy + secrets: inherit + uses: ./.github/workflows/services-cd.yml + with: + deploy_env: dev + + # + # # CS PR env deployment disabled during testing + # + # deploy_cs_pr_environment_infra: + # name: 'Deploy CS PR infrastructure' + # # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + # needs: + # - deploy_global_rg + # permissions: + # id-token: 'write' + # contents: 'read' + # secrets: inherit + # uses: ./.github/workflows/environment-infra-cd.yml + # with: + # deploy_env: cs-pr + + # deploy_cs_pr_environment_services: + # name: 'Deploy services to CS PR' + # # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + # needs: + # - service_ci + # - deploy_cs_pr_environment_infra + # permissions: + # id-token: 'write' + # contents: 'read' + # secrets: inherit + # uses: ./.github/workflows/services-cd.yml + # with: + # deploy_env: cs-pr diff --git a/.github/workflows/environment-infra-cd.yml b/.github/workflows/environment-infra-cd.yml new file mode 100644 index 000000000..aca726581 --- /dev/null +++ b/.github/workflows/environment-infra-cd.yml @@ -0,0 +1,110 @@ +--- + name: ARO HCP Environment Infrastructure Continuous Deployment + env: + DEPLOY_ENV: ${{ inputs.deploy_env }} + SKIP_CONFIRM: true + on: + workflow_call: + inputs: + deploy_env: + description: 'The deploy environment to use for service deployments' + required: true + type: string + secrets: + AZURE_CLIENT_ID: + description: 'Azure Client ID' + required: true + AZURE_TENANT_ID: + description: 'Azure Tenant ID' + required: true + AZURE_SUBSCRIPTION_ID: + description: 'Azure Subscription ID' + required: true + + concurrency: + group: ${{ github.workflow }}-infra-${{ inputs.deploy_env }} + cancel-in-progress: false + + jobs: + + deploy_region_rg: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: "install azure-cli" + uses: "Azure/ARO-HCP@main" + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + make region metrics-infra + + deploy_service_cluster_rg: + needs: + - deploy_region_rg + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: "install azure-cli" + uses: "Azure/ARO-HCP@main" + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc svc.aks.admin-access svc.enable-aks-metrics + + # grant GH action user access to resources + # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc.dev-role-assignments + + deploy_management_cluster_rg: + needs: + - deploy_region_rg + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: "install azure-cli" + uses: "Azure/ARO-HCP@main" + + - name: 'Deploy or Update' + run: | + cd dev-infrastructure/ + PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics diff --git a/.github/workflows/services-cd.yml b/.github/workflows/services-cd.yml new file mode 100644 index 000000000..6b1dbeaed --- /dev/null +++ b/.github/workflows/services-cd.yml @@ -0,0 +1,152 @@ +--- + name: ARO HCP Deploy Service Components + env: + DEPLOY_ENV: ${{ inputs.deploy_env }} + SKIP_CONFIRM: true + on: + workflow_call: + inputs: + deploy_env: + description: 'The deploy environment to use for service deployments' + required: true + type: string + secrets: + AZURE_CLIENT_ID: + description: 'Azure Client ID' + required: true + AZURE_TENANT_ID: + description: 'Azure Tenant ID' + required: true + AZURE_SUBSCRIPTION_ID: + description: 'Azure Subscription ID' + required: true + + concurrency: + group: ${{ github.workflow }}-service-cd-${{ inputs.deploy_env }} + cancel-in-progress: false + + jobs: + + deploy_to_service_cluster: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: "install azure-cli" + uses: "Azure/ARO-HCP@main" + + - uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0 + + # Used to deploy Cluster Service + - name: 'Install oc' + run: | + curl -sfLo - https://mirror.openshift.com/pub/openshift-v4/clients/ocp/4.15.9/openshift-client-linux.tar.gz | tar xzf - + sudo mv oc /usr/local/bin/oc + chmod +x /usr/local/bin/oc + + # Used to deploy Maestro Server, Frontend + - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + with: + version: 'v3.13.3' + + - uses: azure/use-kubelogin@76597ae0fcbaace21b05e13a2cbf8daee2c6e820 # v1.2 + with: + kubelogin-version: 'v0.1.3' + + # Prepare kubeconfig + - name: 'Prepare kubeconfig' + run: | + cd dev-infrastructure/ + make svc.aks.kubeconfig + + - name: 'Deploy Istio Configuration' + run: | + make isto.deploy + + - name: 'Deploy Frontend' + run: | + make rp.frontend.deploy + + - name: 'Deploy Backend' + run: | + make rp.backend.deploy + + - name: 'Deploy Cluster Service' + run: | + make cs.deploy + + - name: 'Deploy Maestro' + run: | + make maestro.server.deploy maestro.registration.deploy + + - name: 'Deploy Image Sync' + run: | + make imagesync.deploy + + - name: 'Deploy Prometheus Config' + run: | + make metrics.deploy + + deploy_to_management_cluster: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: "install azure-cli" + uses: "Azure/ARO-HCP@main" + + - uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0 + + - uses: azure/use-kubelogin@76597ae0fcbaace21b05e13a2cbf8daee2c6e820 # v1.2 + with: + kubelogin-version: 'v0.1.3' + + - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + with: + version: 'v3.13.3' + + # Prepare kubeconfig + - name: 'Prepare kubeconfig' + run: | + cd dev-infrastructure/ + make mgmt.aks.kubeconfig + + - name: 'Deploy PKO' + run: | + make pko.deploy + + - name: 'Deploy ACM' + run: | + make acm.deploy + + - name: 'Deploy Maestro Agent' + run: | + make maestro.agent.deploy + + - name: 'Deploy Hypershift Operator and External DNS Operator' + run: | + make hypershift.deploy diff --git a/.github/workflows/services-ci.yml b/.github/workflows/services-ci.yml new file mode 100644 index 000000000..1029f627f --- /dev/null +++ b/.github/workflows/services-ci.yml @@ -0,0 +1,159 @@ +--- + name: ARO HCP Dev Environment Continuous Deployment + env: + DEPLOY_ENV: dev + on: + workflow_call: + inputs: + push: + description: 'Push to the registry' + required: true + type: boolean + secrets: + AZURE_CLIENT_ID: + description: 'Azure Client ID' + required: true + AZURE_TENANT_ID: + description: 'Azure Tenant ID' + required: true + AZURE_SUBSCRIPTION_ID: + description: 'Azure Subscription ID' + required: true + + concurrency: + group: ${{ github.workflow }}-service-ci + cancel-in-progress: false + + jobs: + + build_push_frontend: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: Build frontend container image + run: | + cd frontend/ + make image + + - name: "install azure-cli" + if: inputs.push == true + uses: "Azure/ARO-HCP@main" + + - name: 'Az CLI login' + if: inputs.push == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push frontend container image + if: inputs.push == true + run: | + cd frontend/ + make push + + build_push_backend: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: Build backend container image + run: | + cd backend/ + make image + + - name: "install azure-cli" + if: inputs.push == true + uses: "Azure/ARO-HCP@main" + + - name: 'Az CLI login' + if: inputs.push == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push backend container image + if: inputs.push == true + run: | + cd backend/ + make push + + build_push_ocmirror: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: Build oc-mirror container image + run: | + cd image-sync/oc-mirror + make image + + - name: "install azure-cli" + if: inputs.push == true + uses: "Azure/ARO-HCP@main" + + - name: 'Az CLI login' + if: inputs.push == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push oc-mirror container image + if: inputs.push == true + run: | + cd image-sync/oc-mirror + make push + + build_push_imagesync: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 1 + + - name: Build image-sync container image + run: | + cd tooling/image-sync + make image + + - name: "install azure-cli" + if: inputs.push == true + uses: "Azure/ARO-HCP@main" + + - name: 'Az CLI login' + if: inputs.push == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push image-sync container image + if: inputs.push == true + run: | + cd tooling/image-sync + make push