Skip to content

chore(deps): lock file maintenance #1378

chore(deps): lock file maintenance

chore(deps): lock file maintenance #1378

name: Build And Deploy to Sandbox in Dev namespace
on:
pull_request:
paths-ignore:
- '*.md'
- 'docker-compose.yml'
- 'renovate.json'
- 'COMPLIANCE.yaml'
- '.gitignore'
- '.vscode/**'
- '.diagrams/**'
- '.graphics/**'
- 'sysdig/**'
- '.github/workflows/sysdig.yml'
branches:
- main
concurrency:
# PR open and close use the same group, allowing only one at a time
group: pr-${{ github.workflow }}-${{ github.event.number }}
cancel-in-progress: true
jobs:
builds:
if: '!github.event.pull_request.head.repo.fork'
name: Builds
runs-on: ubuntu-22.04
permissions:
packages: write
strategy:
matrix:
package: [backend, database-migrations, frontend, doc-gen-service, backend-external, maintenance]
include:
- package: backend
triggers: ('backend/')
build_file: ./backend/Dockerfile
build_context: ./backend
- package: frontend
triggers: ('frontend/')
build_file: ./frontend/Dockerfile
build_context: ./frontend
- package: database-migrations
triggers: ('backend/db')
build_file: ./backend/db/Dockerfile
build_context: ./backend/db
- package: doc-gen-service
triggers: ('doc-gen-service/')
build_file: ./doc-gen-service/Dockerfile
build_context: ./doc-gen-service
- package: backend-external
build_file: ./backend-external/Dockerfile
build_context: ./backend-external
- package: maintenance
build_file: ./maintenance/Dockerfile
build_context: ./maintenance
steps:
- uses: actions/checkout@v4
- uses: bcgov-nr/[email protected]
with:
package: ${{ matrix.package }}
tag: ${{ github.event.number }}
tag_fallback: test
build_context: ${{ matrix.build_context }}
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: ${{ github.event.number }}
tags: pr-${{ github.event.number }}-${{ github.run_number }}
check-quota:
name: Check Quota
runs-on: ubuntu-22.04
environment: dev
steps:
- name: Check Quota For Deployment
shell: bash
run: |
# Allow pipefail, since we could be catching oc create errors
set +o pipefail
# Login to OpenShift (NOTE: project command is a safeguard)
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.oc_namespace }}
#check helm status to see if this is an already deployed PR or a new PR
DEPLOYMENT_STATUS=$(helm status pay-transparency-pr-${{ github.event.number }} -o json | jq .info.status || false)
echo "DEPLOYMENT_STATUS is '$DEPLOYMENT_STATUS'"
# if deployment status is false or blank, then this is a new PR and we need to check quota
if [[ $DEPLOYMENT_STATUS == "" ]] || [[ $DEPLOYMENT_STATUS == "false" ]]; then
echo "This is a new PR, checking quota"
# PRINT QUOTA
oc describe quota compute-long-running-quota
QUOTA=$(oc get quota compute-long-running-quota -o json | jq -r '.status.used."limits.cpu"')
# if quota contains 'm' get only the number by removing the last character
if [[ $QUOTA == *"m"* ]]; then
QUOTA=${QUOTA::-1}
fi
echo "USED QUOTA: $QUOTA"
TOTAL_QUOTA=$(oc get quota compute-long-running-quota -o json | jq -r '.status.hard."limits.cpu"')
if [[ $TOTAL_QUOTA != *"m" ]]; then
TOTAL_QUOTA=$((TOTAL_QUOTA * 1000))
fi
# find available quota by subtracting from the total quota
AVL_QUOTA=$(($TOTAL_QUOTA-$QUOTA))
echo "AVL_QUOTA: $AVL_QUOTA"
#Total quota(CPU LIMIT) required for PR to deploy is backend + doc-gen + database + frontend = 580 milli cores.
if [[ $AVL_QUOTA -lt 600 ]]; then
echo "Not Enough Resource(CPU Limits) Quota not available to deploy PR"
exit 1
else
echo "Quota available for deployment."
exit 0
fi
else
echo "This is an already deployed PR, skipping quota check"
exit 0
fi
deploys:
name: Deploys
needs: [builds, check-quota]
uses: ./.github/workflows/.deploy.yml
secrets: inherit
with:
autoscaling: false
target: pr-${{ github.event.number }}
tag: pr-${{ github.event.number }}-${{ github.run_number }}
values: "values-pr.yaml"
frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca
test-integration:
name: Integration
needs: [builds, check-quota, deploys]
uses: ./.github/workflows/.integration.yml
secrets: inherit
with:
backend-external-url: https://pay-transparency-pr-${{ github.event.number }}-backend-external.apps.silver.devops.gov.bc.ca/api
test-e2e:
name: E2E
needs: [builds, check-quota, deploys]
uses: ./.github/workflows/.e2e.yml
secrets: inherit
with:
frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca