diff --git a/.github/workflows/main-merge.yml b/.github/workflows/main-merge.yml index 92cdafa..aa7db6a 100644 --- a/.github/workflows/main-merge.yml +++ b/.github/workflows/main-merge.yml @@ -34,3 +34,5 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} # Build output to publish to the `gh-pages` branch: publish_dir: ./patterns/build + clean-exclude: pr-preview/ + force: false diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml deleted file mode 100644 index 62e1f58..0000000 --- a/.github/workflows/pr-close.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Pull Request Closed - -on: - pull_request: - types: - - closed - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - # Clean up OpenShift when PR closed, no conditions - cleanup-openshift: - name: Cleanup OpenShift - runs-on: ubuntu-24.04 - steps: - - name: Remove OpenShift artifacts - run: | - oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }} - oc project ${{ vars.OC_NAMESPACE }} - - # Remove old build runs, build pods and deployment pods - helm uninstall ${{ github.event.repository.name }}-${{ github.event.number }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 10c46a7..c545451 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -1,72 +1,44 @@ -name: Deploy to OpenShift on PR +name: PR on: pull_request: + types: + - opened + - reopened + - synchronize + - closed branches: - main + workflow_dispatch: +concurrency: preview-${{ github.ref }} +permissions: + contents: write + pull-requests: write jobs: - pr-description-add: - name: PR Description Add - runs-on: ubuntu-24.04 - permissions: - pull-requests: write - timeout-minutes: 1 + build-and-deploy: + runs-on: ubuntu-22.04 + defaults: + run: + working-directory: ./patterns steps: - - uses: bcgov-nr/action-pr-description-add@v1.1.2 + - name: Checkout 🛎️ + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + if: github.event.action != 'closed' with: - github_token: ${{ secrets.GITHUB_TOKEN }} - add_markdown: | - --- - Thanks for the PR! - - Deployments, as required, will be available below: - - [Frontend](https://${{ github.event.repository.name }}-${{ github.event.number }}.apps.silver.devops.gov.bc.ca) - - builds: - name: Builds - runs-on: ubuntu-24.04 - permissions: - packages: write - strategy: - matrix: - package: [frontend] - include: - - package: frontend - triggers: ('patterns/') - build_file: ./patterns/Dockerfile - build_context: ./patterns - - steps: - - uses: actions/checkout@v4 - - uses: bcgov-nr/action-builder-ghcr@v2.2.0 - with: - package: ${{ matrix.package }} - tag: pr-${{ github.event.number }} - tag_fallback: test - token: ${{ secrets.GITHUB_TOKEN }} - triggers: ${{ matrix.triggers }} - build_context: ${{ matrix.build_context }} - build_file: ${{ matrix.build_file }} - deploys: - name: Deploys - needs: [builds] - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v4 - name: Checkout - - name: Deploy to OpenShift - shell: bash + node-version: 20 + cache: npm + cache-dependency-path: patterns/package-lock.json + + - name: Install dependencies + if: github.event.action != 'closed' + run: npm ci --ignore-scripts + - name: Install Dependencies and Build For PR🔧 + if: github.event.action != 'closed' + env: + BASE_URL: /nr-architecture-patterns-library/pr-preview/pr-${{github.event.number}} run: | - # Allow pipefail, since we could be catching oc create errors - set +o pipefail - - # Login to OpenShift (NOTE: project command is a safeguard) - oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }} - oc project ${{ vars.oc_namespace }} - helm uninstall ${{ github.event.repository.name }}-${{ github.event.number }} || true - # Deploy Helm Chart - cd charts/${{ github.event.repository.name }} - helm dependency update - helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-${{ github.event.number }} \ - --set-string global.tag="pr-${{ github.event.number }}" \ - --set-string global.repository="${{ github.repository }}" \ - -f values.yaml --timeout 5m . + npm run build + - name: Deploy preview + uses: rossjrw/pr-preview-action@v1 + with: + source-dir: ./patterns/build \ No newline at end of file diff --git a/charts/nr-architecture-patterns-library/Chart.yaml b/charts/nr-architecture-patterns-library/Chart.yaml deleted file mode 100644 index b6be814..0000000 --- a/charts/nr-architecture-patterns-library/Chart.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v2 -name: nr-architecture-patterns-library -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "0.1.0" - -dependencies: - - - name: component - condition: frontend.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service/ - alias: frontend \ No newline at end of file diff --git a/charts/nr-architecture-patterns-library/values.yaml b/charts/nr-architecture-patterns-library/values.yaml deleted file mode 100644 index 809f7be..0000000 --- a/charts/nr-architecture-patterns-library/values.yaml +++ /dev/null @@ -1,73 +0,0 @@ -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: - repository: ~ # the repository where the images are stored. - registry: ghcr.io # the registry where the images are stored. override during runtime for other registry at global level or individual level. - domain: "apps.silver.devops.gov.bc.ca" # it is required, apps.silver.devops.gov.bc.ca for silver cluster - openshiftImageRegistry: "image-registry.openshift-image-registry.svc:5000" - tag: ~ - imagestreams: - enabled: true - -frontend: - enabled: true - deployment: # can be either a statefulSet or a deployment not both - enabled: true - containers: - - name: frontend - registry: '{{ .Values.global.registry }}' # example, it includes registry - repository: '{{ .Values.global.repository }}' # example, it includes repository - image: frontend # the exact component name, be it backend, api-1 etc... - tag: '{{ .Values.global.tag }}' # example, it includes repository - securityContext: - capabilities: - add: [ "NET_BIND_SERVICE" ] - ports: - - name: http - containerPort: 3000 - protocol: TCP - - name: http2 - containerPort: 3001 - protocol: TCP - resources: # this is optional - limits: - cpu: 25m - memory: 50Mi - requests: - cpu: 10m - memory: 20Mi - readinessProbe: - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 2 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 30 - livenessProbe: - successThreshold: 1 - failureThreshold: 3 - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 30 - timeoutSeconds: 5 - autoscaling: - enabled: false - - service: - enabled: true - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 # the container port where the application is listening on - protocol: TCP - route: - enabled: true - host: "{{ .Release.Name }}.{{ .Values.global.domain }}" - targetPort: http # look at line#164 refer to the name. diff --git a/patterns/Caddyfile b/patterns/Caddyfile deleted file mode 100644 index 1445ed6..0000000 --- a/patterns/Caddyfile +++ /dev/null @@ -1,40 +0,0 @@ -{ - auto_https off - admin 0.0.0.0:3002 - servers { - metrics - } -} -:3000 { - log { - output stdout - format console { - time_format iso8601 - level_format color - } - level info - } - encode gzip - - handle { - root * /app/dist - try_files {path} {path}/ /index.html - file_server - } - header { - X-Frame-Options "SAMEORIGIN" - X-XSS-Protection "1;mode=block" - Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" - X-Content-Type-Options "nosniff" - Strict-Transport-Security "max-age=31536000" - Content-Security-Policy https://raw.githubusercontent.com/bcgov/* "default-src 'self' *.devops.gov.bc.ca data:; script-src 'self' 'unsafe-eval' https://www2.gov.bc.ca ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://fonts.googleapis.com http://www.w3.org" - Referrer-Policy "same-origin" - Feature-Policy "fullscreen 'self'; camera 'none'; microphone 'none'" - } -} - -:3001 { - handle /health { - respond "OK" - } -} diff --git a/patterns/Dockerfile b/patterns/Dockerfile deleted file mode 100644 index 303b547..0000000 --- a/patterns/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# Build static files -FROM node:lts-alpine AS build - -WORKDIR /app -COPY . . -RUN npm ci --ignore-scripts && \ - npm run build - -# Caddy -FROM caddy:2.8-alpine - -# Copy static files and config -COPY --from=build /app/build /app/dist -COPY Caddyfile /etc/caddy/Caddyfile - -# Packages and caddy format -RUN apk add --no-cache ca-certificates && \ - caddy fmt --overwrite /etc/caddy/Caddyfile - -# Port, health check and non-root user -EXPOSE 3000 3001 -HEALTHCHECK --interval=30s --timeout=3s CMD curl -f http://localhost/:3001/health -USER 1001