diff --git a/.github/workflows/aro-hcp-dev-env-cd.yml b/.github/workflows/aro-hcp-dev-env-cd.yml index 86f9d27da..db6862917 100644 --- a/.github/workflows/aro-hcp-dev-env-cd.yml +++ b/.github/workflows/aro-hcp-dev-env-cd.yml @@ -44,285 +44,285 @@ if: ${{ github.event.pull_request.head.repo.full_name != 'Azure/ARO-HCP' }} run: core.setFailed('Expected source repository to be Azure/ARO-HCP, re-create PR as a branch of Azure/ARO-HCP') - # deploy_global_rg: - # #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: 'Az CLI login' - # uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: 'Deploy' - # run: | - # cd dev-infrastructure/ - - # # Manage ACR - # make acr acr-svc acr-ocp - - # deploy_image_sync_rg: - # #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: 'Az CLI login' - # uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: 'Deploy' - # run: | - # cd dev-infrastructure/ - # make imagesync - - # deploy_region_rg: - # #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: 'Az CLI login' - # uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: 'Deploy' - # run: | - # cd dev-infrastructure/ - # make region metrics-infra - - # deploy_service_cluster_rg: - # #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # needs: - # - deploy_region_rg - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: 'Az CLI login' - # uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: 'Deploy' - # run: | - # cd dev-infrastructure/ - # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc svc.aks.admin-access svc.enable-aks-metrics - - # # grant GH action user access to resources - # # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc.dev-role-assignments - - # deploy_management_cluster_rg: - # #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # needs: - # - deploy_region_rg - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: 'Az CLI login' - # uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: 'Deploy or Update' - # run: | - # cd dev-infrastructure/ - # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics - - # build_push_frontend: - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: Build frontend container image - # run: | - # cd frontend/ - # make image - - # - name: 'Az CLI login' - # #if: github.event.pull_request.merged == true - # uses: azure/login@v2 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Push frontend container image - # if: github.event.pull_request.merged == true - # run: | - # cd frontend/ - # make push - - # build_push_backend: - # permissions: - # id-token: 'write' - # contents: 'read' - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: Build backend container image - # run: | - # cd backend/ - # make image - - # - name: 'Az CLI login' - # #if: github.event.pull_request.merged == true - # uses: azure/login@v2 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Push backend container image - # #if: github.event.pull_request.merged == true - # run: | - # cd backend/ - # make push - - # build_push_ocmirror: - # permissions: - # id-token: 'write' - # contents: 'read' - # needs: - # - deploy_global_rg - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: Build oc-mirror container image - # run: | - # cd image-sync/oc-mirror - # make image - - # - name: 'Az CLI login' - # #if: github.event.pull_request.merged == true - # uses: azure/login@v2 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Push oc-mirror container image - # #if: github.event.pull_request.merged == true - # run: | - # cd image-sync/oc-mirror - # make push - - # build_push_imagesync: - # permissions: - # id-token: 'write' - # contents: 'read' - # needs: - # - deploy_global_rg - # runs-on: 'ubuntu-latest' - # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - # with: - # fetch-depth: 1 - - # - name: Install Azure CLI - # uses: ./.github/actions/install-azure-cli - - # - name: Build image-sync container image - # run: | - # cd tooling/image-sync - # make image - - # - name: 'Az CLI login' - # #if: github.event.pull_request.merged == true - # uses: azure/login@v2 - # with: - # client-id: ${{ secrets.AZURE_CLIENT_ID }} - # tenant-id: ${{ secrets.AZURE_TENANT_ID }} - # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - # - name: Push image-sync container image - # #if: github.event.pull_request.merged == true - # run: | - # cd tooling/image-sync - # make push + deploy_global_rg: + #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + + # Manage ACR + make acr acr-svc acr-ocp + + deploy_image_sync_rg: + #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + make imagesync + + deploy_region_rg: + #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + make region metrics-infra + + deploy_service_cluster_rg: + #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + needs: + - deploy_region_rg + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: 'Deploy' + run: | + cd dev-infrastructure/ + PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc svc.aks.admin-access svc.enable-aks-metrics + + # grant GH action user access to resources + # PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make svc.dev-role-assignments + + deploy_management_cluster_rg: + #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' + needs: + - deploy_region_rg + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: 'Az CLI login' + uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: 'Deploy or Update' + run: | + cd dev-infrastructure/ + PRINCIPAL_ID=${{ secrets.GHA_PRINCIPAL_ID }} make mgmt mgmt.aks.admin-access mgmt.enable-aks-metrics + + build_push_frontend: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: Build frontend container image + run: | + cd frontend/ + make image + + - name: 'Az CLI login' + #if: github.event.pull_request.merged == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push frontend container image + if: github.event.pull_request.merged == true + run: | + cd frontend/ + make push + + build_push_backend: + permissions: + id-token: 'write' + contents: 'read' + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: Build backend container image + run: | + cd backend/ + make image + + - name: 'Az CLI login' + #if: github.event.pull_request.merged == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push backend container image + #if: github.event.pull_request.merged == true + run: | + cd backend/ + make push + + build_push_ocmirror: + permissions: + id-token: 'write' + contents: 'read' + needs: + - deploy_global_rg + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: Build oc-mirror container image + run: | + cd image-sync/oc-mirror + make image + + - name: 'Az CLI login' + #if: github.event.pull_request.merged == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push oc-mirror container image + #if: github.event.pull_request.merged == true + run: | + cd image-sync/oc-mirror + make push + + build_push_imagesync: + permissions: + id-token: 'write' + contents: 'read' + needs: + - deploy_global_rg + runs-on: 'ubuntu-latest' + steps: + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + fetch-depth: 1 + + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + + - name: Build image-sync container image + run: | + cd tooling/image-sync + make image + + - name: 'Az CLI login' + #if: github.event.pull_request.merged == true + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Push image-sync container image + #if: github.event.pull_request.merged == true + run: | + cd tooling/image-sync + make push deploy_to_service_cluster: #if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # needs: - # - build_push_frontend - # - build_push_backend - # - build_push_imagesync - # - build_push_ocmirror - # - deploy_service_cluster_rg + needs: + - build_push_frontend + - build_push_backend + - build_push_imagesync + - build_push_ocmirror + - deploy_service_cluster_rg permissions: id-token: 'write' contents: 'read' @@ -396,8 +396,8 @@ deploy_to_management_cluster: # if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' - # needs: - # - deploy_management_cluster_rg + needs: + - deploy_management_cluster_rg permissions: id-token: 'write' contents: 'read'