Skip to content

chore: deploy-prod.yml #203

chore: deploy-prod.yml

chore: deploy-prod.yml #203

Workflow file for this run

name: Deploy Test Environment
on:
push:
tags:
- v*.*.*
jobs:
docker-build-backend:
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Build Docker image
run: cd server && docker build -t strdss-backend -f Dockerfile .
- name: Tag Docker image
run: |
vtag=${{ github.ref_name }}
docker tag strdss-backend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:${vtag//v}
- name: Push Docker image to Artifactory
run: |
vtag=${{ github.ref_name }}
docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }}
docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-backend:${vtag//v}
docker-build-hangfire:
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Build Docker image
run: cd server && docker build -t strdss-hangfire -f Dockerfile.hangfire .
- name: Tag Docker image
run: |
vtag=${{ github.ref_name }}
docker tag strdss-hangfire artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-hangfire:${vtag//v}
- name: Push Docker image to Artifactory
run: |
vtag=${{ github.ref_name }}
docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }}
docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-hangfire:${vtag//v}
docker-build-frontend:
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Build Docker image
run: cd frontend && docker build -t strdss-frontend -f Dockerfile .
- name: Tag Docker image
run: |
vtag=${{ github.ref_name }}
docker tag strdss-frontend artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:${vtag//v}
- name: Push Docker image to Artifactory
run: |
vtag=${{ github.ref_name }}
docker login artifacts.developer.gov.bc.ca -u ${{ secrets.JFROG_USERNAME }} -p ${{ secrets.JFROG_PASSWORD }}
docker push artifacts.developer.gov.bc.ca/sf4a-strdss/strdss-frontend:${vtag//v}
deploy-emerald:
needs: [docker-build-frontend, docker-build-backend, docker-build-hangfire]
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- name: Checkout ArgoCD Repo
id: gitops
uses: actions/checkout@v4
with:
repository: bcgov-c/tenant-gitops-b0471a
ref: test
token: ${{ secrets.GITOPS }} # `GITOPS` is a secret that contains your PAT
- name: Update Helm Values and Commit
id: helm
run: |
pwd
# Get current date and time
datetime=$(date +'%Y-%m-%d %H:%M:%S')
vtag=${{ github.ref_name }}
echo "Image Tag:"
echo ${vtag//v}
# set image tag
sed -i "s/tag: .*/tag: ${vtag//v} # Image Updated on $datetime/" deploy/test_values.yaml
# Commit and push the changes
git config --global user.email "[email protected]"
git config --global user.name "Young-Jin Chung"
git add deploy/test_values.yaml
pwd
# Repackage Helm Chart
cd charts/gitops/charts
helm package ../../frontend/
helm package ../../backend/
helm package ../../hangfire/
git add .
git commit -m "Update image tag to ${vtag//v} on $datetime"
git push origin test
zap-scan:
needs: [deploy-emerald]
runs-on: ubuntu-22.04
timeout-minutes: 10
permissions:
contents: read
issues: write
steps:
- uses: hmarr/debug-action@a701ed95a46e6f2fb0df25e1a558c16356fae35a
- uses: actions/checkout@96f53100ba2a5449eb71d2e6604bbcd94b9449b5
with:
ref: main
- name: ZAP Scan
uses: zaproxy/action-full-scan@c8994d4f913cf872ec9964ac2d998c9bec369060
with:
token: ${{ secrets.GITHUB_TOKEN }}
target: https://dev.strdata.gov.bc.ca/
rules_file_name: '.zap/rules.tsv'