chore(deps): lock file maintenance #1378
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build And Deploy to Sandbox in Dev namespace | |
on: | |
pull_request: | |
paths-ignore: | |
- '*.md' | |
- 'docker-compose.yml' | |
- 'renovate.json' | |
- 'COMPLIANCE.yaml' | |
- '.gitignore' | |
- '.vscode/**' | |
- '.diagrams/**' | |
- '.graphics/**' | |
- 'sysdig/**' | |
- '.github/workflows/sysdig.yml' | |
branches: | |
- main | |
concurrency: | |
# PR open and close use the same group, allowing only one at a time | |
group: pr-${{ github.workflow }}-${{ github.event.number }} | |
cancel-in-progress: true | |
jobs: | |
builds: | |
if: '!github.event.pull_request.head.repo.fork' | |
name: Builds | |
runs-on: ubuntu-22.04 | |
permissions: | |
packages: write | |
strategy: | |
matrix: | |
package: [backend, database-migrations, frontend, doc-gen-service, backend-external, maintenance] | |
include: | |
- package: backend | |
triggers: ('backend/') | |
build_file: ./backend/Dockerfile | |
build_context: ./backend | |
- package: frontend | |
triggers: ('frontend/') | |
build_file: ./frontend/Dockerfile | |
build_context: ./frontend | |
- package: database-migrations | |
triggers: ('backend/db') | |
build_file: ./backend/db/Dockerfile | |
build_context: ./backend/db | |
- package: doc-gen-service | |
triggers: ('doc-gen-service/') | |
build_file: ./doc-gen-service/Dockerfile | |
build_context: ./doc-gen-service | |
- package: backend-external | |
build_file: ./backend-external/Dockerfile | |
build_context: ./backend-external | |
- package: maintenance | |
build_file: ./maintenance/Dockerfile | |
build_context: ./maintenance | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: bcgov-nr/[email protected] | |
with: | |
package: ${{ matrix.package }} | |
tag: ${{ github.event.number }} | |
tag_fallback: test | |
build_context: ${{ matrix.build_context }} | |
- uses: shrink/actions-docker-registry-tag@v4 | |
with: | |
registry: ghcr.io | |
repository: ${{ github.repository }}/${{ matrix.package }} | |
target: ${{ github.event.number }} | |
tags: pr-${{ github.event.number }}-${{ github.run_number }} | |
check-quota: | |
name: Check Quota | |
runs-on: ubuntu-22.04 | |
environment: dev | |
steps: | |
- name: Check Quota For Deployment | |
shell: bash | |
run: | | |
# Allow pipefail, since we could be catching oc create errors | |
set +o pipefail | |
# Login to OpenShift (NOTE: project command is a safeguard) | |
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }} | |
oc project ${{ vars.oc_namespace }} | |
#check helm status to see if this is an already deployed PR or a new PR | |
DEPLOYMENT_STATUS=$(helm status pay-transparency-pr-${{ github.event.number }} -o json | jq .info.status || false) | |
echo "DEPLOYMENT_STATUS is '$DEPLOYMENT_STATUS'" | |
# if deployment status is false or blank, then this is a new PR and we need to check quota | |
if [[ $DEPLOYMENT_STATUS == "" ]] || [[ $DEPLOYMENT_STATUS == "false" ]]; then | |
echo "This is a new PR, checking quota" | |
# PRINT QUOTA | |
oc describe quota compute-long-running-quota | |
QUOTA=$(oc get quota compute-long-running-quota -o json | jq -r '.status.used."limits.cpu"') | |
# if quota contains 'm' get only the number by removing the last character | |
if [[ $QUOTA == *"m"* ]]; then | |
QUOTA=${QUOTA::-1} | |
fi | |
echo "USED QUOTA: $QUOTA" | |
TOTAL_QUOTA=$(oc get quota compute-long-running-quota -o json | jq -r '.status.hard."limits.cpu"') | |
if [[ $TOTAL_QUOTA != *"m" ]]; then | |
TOTAL_QUOTA=$((TOTAL_QUOTA * 1000)) | |
fi | |
# find available quota by subtracting from the total quota | |
AVL_QUOTA=$(($TOTAL_QUOTA-$QUOTA)) | |
echo "AVL_QUOTA: $AVL_QUOTA" | |
#Total quota(CPU LIMIT) required for PR to deploy is backend + doc-gen + database + frontend = 580 milli cores. | |
if [[ $AVL_QUOTA -lt 600 ]]; then | |
echo "Not Enough Resource(CPU Limits) Quota not available to deploy PR" | |
exit 1 | |
else | |
echo "Quota available for deployment." | |
exit 0 | |
fi | |
else | |
echo "This is an already deployed PR, skipping quota check" | |
exit 0 | |
fi | |
deploys: | |
name: Deploys | |
needs: [builds, check-quota] | |
uses: ./.github/workflows/.deploy.yml | |
secrets: inherit | |
with: | |
autoscaling: false | |
target: pr-${{ github.event.number }} | |
tag: pr-${{ github.event.number }}-${{ github.run_number }} | |
values: "values-pr.yaml" | |
frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca | |
test-integration: | |
name: Integration | |
needs: [builds, check-quota, deploys] | |
uses: ./.github/workflows/.integration.yml | |
secrets: inherit | |
with: | |
backend-external-url: https://pay-transparency-pr-${{ github.event.number }}-backend-external.apps.silver.devops.gov.bc.ca/api | |
test-e2e: | |
name: E2E | |
needs: [builds, check-quota, deploys] | |
uses: ./.github/workflows/.e2e.yml | |
secrets: inherit | |
with: | |
frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca |