ci_cd_on_pr_dev_sandbox.yml
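# Builds the service images for a pull request against main, checks that the
# dev namespace has CPU quota left, deploys a per-PR sandbox release and then
# runs the integration and end-to-end suites against it.
name: Build And Deploy to Sandbox in Dev namespace

on:
  pull_request:
    paths-ignore:
      - '*.md'
      - 'docker-compose.yml'
      - 'renovate.json'
      - 'COMPLIANCE.yaml'
      - '.gitignore'
      - '.vscode/**'
      - '.diagrams/**'
      - '.graphics/**'
      - 'sysdig/**'
      - '.github/workflows/sysdig.yml'
    branches:
      - main

concurrency:
  # PR open and close use the same group, allowing only one at a time
  group: pr-${{ github.workflow }}-${{ github.event.number }}
  cancel-in-progress: true

jobs:
  builds:
    # Skip pull requests opened from forks; every later job that needs this
    # one is skipped with it.
    if: '!github.event.pull_request.head.repo.fork'
    name: Builds
    runs-on: ubuntu-22.04
    # Only the package-registry scope is granted to GITHUB_TOKEN in this job.
    permissions:
      packages: write
    strategy:
      matrix:
        package: [backend, database-migrations, frontend, doc-gen-service, backend-external, maintenance]
        # NOTE(review): `triggers` and `build_file` are declared per package
        # but are not forwarded in the builder step's `with:` below; confirm
        # that relying on the action's defaults is intended.
        include:
          - package: backend
            triggers: ('backend/')
            build_file: ./backend/Dockerfile
            build_context: ./backend
          - package: frontend
            triggers: ('frontend/')
            build_file: ./frontend/Dockerfile
            build_context: ./frontend
          - package: database-migrations
            triggers: ('backend/db')
            build_file: ./backend/db/Dockerfile
            build_context: ./backend/db
          - package: doc-gen-service
            triggers: ('doc-gen-service/')
            build_file: ./doc-gen-service/Dockerfile
            build_context: ./doc-gen-service
          - package: backend-external
            build_file: ./backend-external/Dockerfile
            build_context: ./backend-external
          - package: maintenance
            build_file: ./maintenance/Dockerfile
            build_context: ./maintenance
    steps:
      # NOTE(review): the actions in this job are referenced by mutable tag.
      # Pinning each one to a full commit SHA keeps a re-pointed tag from
      # changing the code that runs with `packages: write`.
      - uses: actions/checkout@v4
      # NOTE(review): this reference was mangled by the hosting page's e-mail
      # obfuscation; restore the original `owner/action@version` from the
      # repository before using this file.
      - uses: bcgov-nr/[email protected]
        with:
          package: ${{ matrix.package }}
          tag: ${{ github.event.number }}
          tag_fallback: test
          build_context: ${{ matrix.build_context }}
      # Adds a run-specific tag (pr-<number>-<run>) to the image tagged with
      # the PR number.
      - uses: shrink/actions-docker-registry-tag@v4
        with:
          registry: ghcr.io
          repository: ${{ github.repository }}/${{ matrix.package }}
          target: ${{ github.event.number }}
          tags: pr-${{ github.event.number }}-${{ github.run_number }}

  check-quota:
    name: Check Quota
    runs-on: ubuntu-22.04
    environment: dev
    # The only step talks to OpenShift with its own token and never uses
    # GITHUB_TOKEN, so the job runs with no token permissions.
    permissions: {}
    steps:
      - name: Check Quota For Deployment
        shell: bash
        # Secrets and variables reach the script through the environment
        # instead of being expanded into the script text before it runs.
        env:
          OC_TOKEN: ${{ secrets.oc_token }}
          OC_SERVER: ${{ vars.oc_server }}
          OC_NAMESPACE: ${{ vars.oc_namespace }}
          RELEASE_NAME: pay-transparency-pr-${{ github.event.number }}
        run: |
          # Disable pipefail (GitHub's bash shell enables it): a failing
          # `helm status` for a PR that is not deployed yet must not abort
          # the step.
          set +o pipefail

          # Convert a Kubernetes CPU quantity to millicores
          # ("500m" -> 500, "4" -> 4000). Fractional core values such as
          # "1.5" are not handled (bash arithmetic is integer-only).
          to_millicores() {
            local quantity="$1"
            if [[ $quantity == *m ]]; then
              echo "${quantity%m}"
            else
              echo $((quantity * 1000))
            fi
          }

          # Login to OpenShift (NOTE: project command is a safeguard)
          oc login --token="${OC_TOKEN}" --server="${OC_SERVER}"
          oc project "${OC_NAMESPACE}"

          # check helm status to see if this is an already deployed PR or a new PR
          DEPLOYMENT_STATUS=$(helm status "${RELEASE_NAME}" -o json | jq .info.status || false)
          echo "DEPLOYMENT_STATUS is '$DEPLOYMENT_STATUS'"

          # if deployment status is false or blank, then this is a new PR and we need to check quota
          if [[ $DEPLOYMENT_STATUS == "" ]] || [[ $DEPLOYMENT_STATUS == "false" ]]; then
            echo "This is a new PR, checking quota"
            # PRINT QUOTA
            oc describe quota compute-long-running-quota

            # Used and hard limits are both normalised to millicores before
            # subtracting; either may be reported as "<n>m" or as whole cores.
            QUOTA=$(to_millicores "$(oc get quota compute-long-running-quota -o json | jq -r '.status.used."limits.cpu"')")
            echo "USED QUOTA: $QUOTA"
            TOTAL_QUOTA=$(to_millicores "$(oc get quota compute-long-running-quota -o json | jq -r '.status.hard."limits.cpu"')")

            # find available quota by subtracting from the total quota
            AVL_QUOTA=$((TOTAL_QUOTA - QUOTA))
            echo "AVL_QUOTA: $AVL_QUOTA"

            # Total quota(CPU LIMIT) required for PR to deploy is backend + doc-gen + database + frontend = 580 milli cores.
            if [[ $AVL_QUOTA -lt 600 ]]; then
              echo "Not Enough Resource(CPU Limits) Quota not available to deploy PR"
              exit 1
            else
              echo "Quota available for deployment."
              exit 0
            fi
          else
            echo "This is an already deployed PR, skipping quota check"
            exit 0
          fi

  deploys:
    name: Deploys
    needs: [builds, check-quota]
    uses: ./.github/workflows/.deploy.yml
    # NOTE(review): `secrets: inherit` forwards every secret available to this
    # workflow to the called one; passing only the named secrets it needs
    # narrows exposure. The called workflow is not visible here, so confirm
    # which secrets it reads.
    secrets: inherit
    with:
      autoscaling: false
      target: pr-${{ github.event.number }}
      tag: pr-${{ github.event.number }}-${{ github.run_number }}
      values: "values-pr.yaml"
      frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca

  test-integration:
    name: Integration
    needs: [builds, check-quota, deploys]
    uses: ./.github/workflows/.integration.yml
    # NOTE(review): inherits all secrets; confirm which ones the called
    # workflow reads and pass only those.
    secrets: inherit
    with:
      backend-external-url: https://pay-transparency-pr-${{ github.event.number }}-backend-external.apps.silver.devops.gov.bc.ca/api

  test-e2e:
    name: E2E
    needs: [builds, check-quota, deploys]
    uses: ./.github/workflows/.e2e.yml
    # NOTE(review): inherits all secrets; confirm which ones the called
    # workflow reads and pass only those.
    secrets: inherit
    with:
      frontend-url: https://pay-transparency-pr-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca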