From 3f335dc6e2f0506db5d6231c1215bd361e370f70 Mon Sep 17 00:00:00 2001 From: dallascrichmond <113049138+dallascrichmond@users.noreply.github.com> Date: Fri, 18 Oct 2024 11:50:05 -0700 Subject: [PATCH] chore(ci): frontend init deploy (#36) --- .github/workflows/.deploy.yml | 97 ++++++++++++++++++++++------------- .github/workflows/pr-open.yml | 2 +- backend/openshift.deploy.yml | 45 ++++++++-------- common/openshift.init.yml | 23 +++++++++ database/openshift.deploy.yml | 62 +++++++++------------- 5 files changed, 134 insertions(+), 95 deletions(-) create mode 100644 common/openshift.init.yml diff --git a/.github/workflows/.deploy.yml b/.github/workflows/.deploy.yml index 70febc44..8e7cb5cb 100644 --- a/.github/workflows/.deploy.yml +++ b/.github/workflows/.deploy.yml @@ -19,50 +19,75 @@ on: type: string jobs: - # database: - # name: Database - # environment: ${{ inputs.environment }} - # runs-on: ubuntu-22.04 - # steps: - # - name: Deploy Database - # uses: bcgov-nr/action-deployer-openshift@v3.0.0 - # with: - # oc_namespace: ${{ vars.OC_NAMESPACE }} - # oc_server: ${{ vars.OC_SERVER }} - # oc_token: ${{ secrets.OC_TOKEN }} - # file: database/openshift.deploy.yml - # overwrite: false - # parameters: - # -p TAG=${{ inputs.tag }} -p TARGET=${{ inputs.target }} + init: + name: Init + runs-on: ubuntu-latest + steps: + - name: Initialize + uses: bcgov-nr/action-deployer-openshift@v3.0.1 + with: + oc_namespace: ${{ vars.OC_NAMESPACE }} + oc_server: ${{ vars.OC_SERVER }} + oc_token: ${{ secrets.OC_TOKEN }} + oc_version: "4.14.37" + file: common/openshift.init.yml + overwrite: true + parameters: + -p NAME_SUFFIX=-dev-${{ inputs.target }} + -p DB_PASSWORD=${{ secrets.DB_PASSWORD }} + -p DB_USER=${{ secrets.DB_USER }} + -p DB_NAME=${{ secrets.DB_NAME }} + -p DB_PORT=${{ secrets.DB_PORT }} + + database: + name: Database + needs: [init] + environment: ${{ inputs.environment }} + runs-on: ubuntu-22.04 + steps: + - name: Deploy Database + uses: bcgov-nr/action-deployer-openshift@v3.0.1 + with: + oc_namespace: ${{ vars.OC_NAMESPACE }} + oc_server: ${{ vars.OC_SERVER }} + oc_token: ${{ secrets.OC_TOKEN }} + file: database/openshift.deploy.yml + overwrite: false + parameters: + -p NAME_SUFFIX=-dev-${{ inputs.target }} + -p IMAGE_TAG=${{ inputs.tag }} + -p TARGET=${{ inputs.target }} - # backend: - # name: Backend - # needs: [database] - # environment: ${{ inputs.environment }} - # runs-on: ubuntu-22.04 - # steps: - # - name: Deploy Backend - # uses: bcgov-nr/action-deployer-openshift@v3.0.0 - # with: - # oc_namespace: ${{ vars.OC_NAMESPACE }} - # oc_server: ${{ vars.OC_SERVER }} - # oc_token: ${{ secrets.OC_TOKEN }} - # file: backend/openshift.deploy.yml - # overwrite: true - # parameters: - # -p TAG=${{ inputs.tag }} -p TARGET=${{ inputs.target }} - # verification_path: /api/health - # verification_retry_attempts: "5" - # verification_retry_seconds: "15" + backend: + name: Backend + needs: [init, database] + environment: ${{ inputs.environment }} + runs-on: ubuntu-22.04 + steps: + - name: Deploy Backend + uses: bcgov-nr/action-deployer-openshift@v3.0.1 + with: + oc_namespace: ${{ vars.OC_NAMESPACE }} + oc_server: ${{ vars.OC_SERVER }} + oc_token: ${{ secrets.OC_TOKEN }} + file: backend/openshift.deploy.yml + overwrite: true + parameters: + -p NAME_SUFFIX=-dev-${{ inputs.target }} + -p IMAGE_TAG=${{ inputs.tag }} + -p TARGET=${{ inputs.target }} + verification_path: /api/health + verification_retry_attempts: "5" + verification_retry_seconds: "15" frontend: name: Frontend - # needs: [backend] + needs: [init, database, backend] environment: ${{ inputs.environment }} runs-on: ubuntu-22.04 steps: - name: Deploy Frontend - uses: bcgov-nr/action-deployer-openshift@v3.0.0 + uses: bcgov-nr/action-deployer-openshift@v3.0.1 with: oc_namespace: ${{ vars.OC_NAMESPACE }} oc_server: ${{ vars.OC_SERVER }} diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index f202a7a7..e7537cf8 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -29,7 +29,7 @@ jobs: # https://github.com/bcgov/quickstart-openshift-helpers deploys: name: Deploy - # needs: [builds] + needs: [builds] secrets: inherit uses: ./.github/workflows/.deploy.yml diff --git a/backend/openshift.deploy.yml b/backend/openshift.deploy.yml index e4ee7f9b..b2c81af6 100644 --- a/backend/openshift.deploy.yml +++ b/backend/openshift.deploy.yml @@ -10,7 +10,7 @@ parameters: - name: ORG description: Organization name; e.g. bcgov or bcdevops value: bcgov - - name: TAG + - name: IMAGE_TAG description: Image tag; e.g. PR number or latest required: true - name: TARGET @@ -20,13 +20,16 @@ parameters: description: Password for the PostgreSQL connection user. from: '[a-zA-Z0-9]{16}' generate: expression + - name: NAME_SUFFIX + description: Suffix for the name + required: true objects: - kind: Service apiVersion: v1 metadata: labels: - app: ${APP}-${TARGET} - name: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + name: nr-nmp-backend${NAME_SUFFIX} spec: type: ClusterIP ports: @@ -35,50 +38,50 @@ objects: protocol: TCP name: http-3000 selector: - service: ${APP}-${TARGET}-${COMPONENT} + service: nr-nmp-backend${NAME_SUFFIX} - kind: Deployment apiVersion: apps/v1 metadata: labels: - app: ${APP}-${TARGET} - deployment: ${APP}-${TARGET}-${COMPONENT} - name: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + deployment: nr-nmp-backend${NAME_SUFFIX} + name: nr-nmp-backend${NAME_SUFFIX} spec: strategy: type: Recreate selector: matchLabels: - deployment: ${APP}-${TARGET}-${COMPONENT} + deployment: nr-nmp-backend${NAME_SUFFIX} template: metadata: labels: - app: ${APP}-${TARGET} - deployment: ${APP}-${TARGET}-${COMPONENT} - service: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + deployment: nr-nmp-backend${NAME_SUFFIX} + service: nr-nmp-backend${NAME_SUFFIX} spec: containers: - - name: ${APP}-${TARGET}-${COMPONENT} - image: ghcr.io/${ORG}/${APP}/${COMPONENT}:${TAG} + - name: nr-nmp-backend${NAME_SUFFIX} + image: ghcr.io/bcgov/nr-nmp/backend:${IMAGE_TAG} imagePullPolicy: Always env: - name: LOG_LEVEL value: info - name: POSTGRES_HOST - value: ${APP}-${TARGET}-database + value: nr-nmp-database${NAME_SUFFIX} - name: POSTGRES_DB valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-database + name: nr-nmp-database${NAME_SUFFIX} key: database-name - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-database + name: nr-nmp-database${NAME_SUFFIX} key: database-password - name: POSTGRES_USER valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-database + name: nr-nmp-database${NAME_SUFFIX} key: database-user ports: - containerPort: 3000 @@ -114,15 +117,15 @@ objects: apiVersion: route.openshift.io/v1 metadata: labels: - app: ${APP}-${TARGET} - name: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + name: nr-nmp-backend${NAME_SUFFIX} spec: - host: ${APP}-${TARGET}-${COMPONENT}.apps.silver.devops.gov.bc.ca + host: nr-nmp-backend${NAME_SUFFIX}.apps.silver.devops.gov.bc.ca port: targetPort: http-3000 to: kind: Service - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-backend${NAME_SUFFIX} weight: 100 tls: termination: edge diff --git a/common/openshift.init.yml b/common/openshift.init.yml new file mode 100644 index 00000000..b111d1df --- /dev/null +++ b/common/openshift.init.yml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Template +parameters: + - name: NAME_SUFFIX + required: true + - name: DB_PASSWORD + required: true + - name: DB_USER + required: true + - name: DB_NAME + required: true + - name: DB_PORT + required: true +objects: + - apiVersion: v1 + kind: Secret + metadata: + name: nr-nmp-database${NAME_SUFFIX} + stringData: + database-name: ${DB_NAME} + database-password: ${DB_PASSWORD} + database-port: ${DB_PORT} + database-user: ${DB_USER} diff --git a/database/openshift.deploy.yml b/database/openshift.deploy.yml index b4fbc9ea..9fec7b89 100644 --- a/database/openshift.deploy.yml +++ b/database/openshift.deploy.yml @@ -10,16 +10,15 @@ parameters: - name: ORG description: Organization name; e.g. bcgov or bcdevops value: bcgov - - name: TAG - description: Image tag; e.g. PR number or latest - required: true - name: TARGET description: Deployment target; e.g. PR number, test or prod required: true - - name: DB_PASSWORD - description: Password for the PostgreSQL connection user. - from: "[a-zA-Z0-9]{16}" - generate: expression + - name: IMAGE_TAG + description: Image tag; e.g. PR number or latest + required: true + - name: NAME_SUFFIX + description: Suffix for the name + required: true objects: - apiVersion: networking.k8s.io/v1 kind: NetworkPolicy @@ -44,23 +43,12 @@ objects: spec: policyTypes: - Ingress - - apiVersion: v1 - kind: Secret - metadata: - name: ${APP}-${TARGET}-${COMPONENT} - labels: - app: ${APP}-${TARGET} - stringData: - database-name: postgres - database-password: ${DB_PASSWORD} - database-port: "5432" - database-user: postgres - kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} labels: - app: ${APP}-${TARGET} + app: nr-nmp${NAME_SUFFIX} spec: accessModes: - ReadWriteOnce @@ -71,14 +59,14 @@ objects: - kind: Deployment apiVersion: apps/v1 metadata: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} labels: - app: ${APP}-${TARGET} + app: nr-nmp${NAME_SUFFIX} spec: replicas: 1 selector: matchLabels: - deployment: ${APP}-${TARGET}-${COMPONENT} + deployment: nr-nmp-database${NAME_SUFFIX} strategy: type: Recreate recreateParams: @@ -86,18 +74,18 @@ objects: activeDeadlineSeconds: 21600 template: metadata: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} labels: - app: ${APP}-${TARGET} - deployment: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + deployment: nr-nmp-database${NAME_SUFFIX} spec: volumes: - - name: ${APP}-${TARGET}-${COMPONENT} + - name: nr-nmp-database${NAME_SUFFIX} persistentVolumeClaim: - claimName: ${APP}-${TARGET}-${COMPONENT} + claimName: nr-nmp-database${NAME_SUFFIX} containers: - - name: ${APP}-${TARGET} - image: ghcr.io/${ORG}/${APP}/${COMPONENT}:${TAG} + - name: nr-nmp${NAME_SUFFIX} + image: ghcr.io/bcgov/nr-nmp/database:${IMAGE_TAG} ports: - containerPort: 5432 protocol: TCP @@ -136,20 +124,20 @@ objects: - name: POSTGRES_DB valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} key: database-name - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} key: database-password - name: POSTGRES_USER valueFrom: secretKeyRef: - name: ${APP}-${TARGET}-${COMPONENT} + name: nr-nmp-database${NAME_SUFFIX} key: database-user volumeMounts: - - name: ${APP}-${TARGET}-${COMPONENT} + - name: nr-nmp-database${NAME_SUFFIX} mountPath: "/var/lib/postgresql" terminationMessagePath: "/dev/termination-log" terminationMessagePolicy: File @@ -162,8 +150,8 @@ objects: kind: Service metadata: labels: - app: ${APP}-${TARGET} - name: ${APP}-${TARGET}-${COMPONENT} + app: nr-nmp${NAME_SUFFIX} + name: nr-nmp-database${NAME_SUFFIX} spec: ports: - name: postgresql @@ -172,6 +160,6 @@ objects: protocol: TCP targetPort: 5432 selector: - deployment: ${APP}-${TARGET}-${COMPONENT} + deployment: nr-nmp-database${NAME_SUFFIX} sessionAffinity: None type: ClusterIP