From b6bfd1d7f90a6f6069958088007e6118cb7e4a13 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 2 May 2024 15:12:47 -0400 Subject: [PATCH] chore(ci): workflow updates (#180) * Use pr-validate.yml and cut down pr-open.yml * Use shared job for pr-close.yml * Adjust merge triggers, go sequential * Use PR number tags through TEST and PROD * Remove ghcr cleanup, handled by buider action --- .github/workflows/merge.yml | 50 +++++++++++++++---------------- .github/workflows/pr-close.yml | 43 +++++++------------------- .github/workflows/pr-open.yml | 39 ++---------------------- .github/workflows/pr-validate.yml | 35 ++++++++++++++++++++++ 4 files changed, 73 insertions(+), 94 deletions(-) create mode 100644 .github/workflows/pr-validate.yml diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml index e86d4ff..d88349e 100644 --- a/.github/workflows/merge.yml +++ b/.github/workflows/merge.yml @@ -1,18 +1,33 @@ name: Merge on: - workflow_run: - workflows: [PR Closed] - types: [completed] - workflow_dispatch: + push: + branches: [main] + paths-ignore: + - '*.md' + - '.github/**' + - '.github/graphics/**' + - '!.github/workflows/**' concurrency: + # Do not interrupt previous workflows group: ${{ github.workflow }} - cancel-in-progress: true + cancel-in-progress: false jobs: + vars: + name: Variables + outputs: ${{ steps.pr.outputs.pr }} + runs-on: ubuntu-latest + steps: + # Get PR number for squash merges to main + - name: PR Number + id: pr + uses: bcgov-nr/action-get-pr@v0.0.1 + deploys-test: name: TEST Deploys + needs: [vars] environment: test runs-on: ubuntu-22.04 permissions: @@ -40,13 +55,13 @@ jobs: overwrite: ${{ matrix.overwrite }} parameters: -p ZONE=test -p NAME=${{ github.event.repository.name }} - -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:test + -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{ needs.vars.outputs.pr }} ${{ matrix.parameters }} verification_path: ${{ matrix.verification_path }} deploys-prod: name: PROD Deploys - needs: [deploys-test] + needs: [vars, deploys-test] environment: prod runs-on: ubuntu-22.04 strategy: @@ -70,13 +85,13 @@ jobs: overwrite: ${{ matrix.overwrite }} parameters: -p ZONE=prod -p NAME=${{ github.event.repository.name }} - -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:test + -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{ needs.vars.outputs.pr }} ${{ matrix.parameters }} verification_path: ${{ matrix.verification_path }} image-promotions: name: Promote images - needs: [deploys-prod] + needs: [vars, deploys-prod] runs-on: ubuntu-22.04 permissions: packages: write @@ -88,20 +103,5 @@ jobs: with: registry: ghcr.io repository: ${{ github.repository }}/${{ matrix.component }} - target: test + target: ${{ needs.vars.outputs.pr }} tags: prod - - ghcr-cleanup: - name: GHCR Cleanup - runs-on: ubuntu-latest - strategy: - matrix: - name: [backend, frontend] - steps: - - name: Keep last 50 - uses: actions/delete-package-versions@v5 - with: - package-name: "${{ github.event.repository.name }}/${{ matrix.name }}" - package-type: "container" - min-versions-to-keep: 50 - ignore-versions: "^(prod|test)$" diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml index 92c1418..2af7f84 100644 --- a/.github/workflows/pr-close.yml +++ b/.github/workflows/pr-close.yml @@ -2,43 +2,20 @@ name: PR Closed on: pull_request: - branches: [main] types: [closed] concurrency: # PR open and close use the same group, allowing only one at a time - group: pr-${{ github.workflow }}-${{ github.event.number }} + group: ${{ github.event.number }} cancel-in-progress: true jobs: - # Clean up OpenShift when PR closed, no conditions - cleanup-openshift: - name: Cleanup OpenShift - if: "!github.event.pull_request.head.repo.fork" - runs-on: ubuntu-22.04 - steps: - - name: Remove OpenShift artifacts - run: | - oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }} - oc project ${{ vars.OC_NAMESPACE }} - - # Remove old build runs, build pods and deployment pods - oc delete all,pvc,secret -l app=${{ github.event.repository.name }}-${{ github.event.number }} - - # If merged into main, then handle any image promotions - image-promotions: - name: Image Promotions - if: github.event.pull_request.merged == true && github.event.pull_request.base.ref == 'main' - runs-on: ubuntu-22.04 - permissions: - packages: write - strategy: - matrix: - package: [backend, frontend] - steps: - - uses: shrink/actions-docker-registry-tag@v4 - with: - registry: ghcr.io - repository: ${{ github.repository }}/${{ matrix.package }} - target: ${{ github.event.number }} - tags: test + cleanup: + name: Cleanup and Images + uses: bcgov/quickstart-openshift-helpers/.github/workflows/.pr-close.yml@v0.4.1 + secrets: + oc_namespace: ${{ secrets.OC_NAMESPACE }} + oc_token: ${{ secrets.OC_TOKEN }} + with: + cleanup: label + packages: backend frontend diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index fe9a0d0..a327c37 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -2,48 +2,16 @@ name: PR on: pull_request: - branches: [main] - workflow_dispatch: concurrency: - # PR open and close use the same group, allowing only one at a time - group: pr-${{ github.workflow }}-${{ github.event.number }} - cancel-in-progress: true + # Cancel in progress for PR open and close + group: ${{ github.event.number }} + cancel-in-progress: false jobs: - pr-greeting: - if: "!github.event.pull_request.head.repo.fork" - name: PR Greeting - env: - DOMAIN: apps.silver.devops.gov.bc.ca - PREFIX: ${{ github.event.repository.name }}-${{ github.event.number }} - runs-on: ubuntu-22.04 - permissions: - pull-requests: write - steps: - - name: PR Greeting - uses: bcgov-nr/action-pr-description-add@v1.1.1 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - add_markdown: | - --- - - Thanks for the PR! - - Deployments, as required, will be available below: - - [Frontend](https://${{ env.PREFIX }}-frontend.${{ env.DOMAIN }}) - - [Backend](https://${{ env.PREFIX }}-backend.${{ env.DOMAIN }}) - - Please create PRs in draft mode. Mark as ready to enable: - - [Analysis Workflow](https://github.com/${{ github.repository }}/actions/workflows/analysis.yml) - - After merge, new images are promoted to: - - [Merge Workflow](https://github.com/${{ github.repository }}/actions/workflows/merge-main.yml) - # https://github.com/bcgov-nr/action-builder-ghcr builds: name: Builds - if: "!github.event.pull_request.head.repo.fork" runs-on: ubuntu-22.04 permissions: packages: write @@ -67,7 +35,6 @@ jobs: # https://github.com/bcgov-nr/action-deployer-openshift deploys: name: Deploys - if: "!github.event.pull_request.head.repo.fork" needs: [builds] runs-on: ubuntu-22.04 strategy: diff --git a/.github/workflows/pr-validate.yml b/.github/workflows/pr-validate.yml new file mode 100644 index 0000000..f9331ce --- /dev/null +++ b/.github/workflows/pr-validate.yml @@ -0,0 +1,35 @@ +name: PR Validate + +on: + pull_request: + types: [edited, opened, synchronize, reopened, ready_for_review] + +concurrency: + group: ${{ github.workflow }}-edit-${{ github.event.number }} + cancel-in-progress: true + +jobs: + validate: + name: Validate PR + if: (! github.event.pull_request.draft) + uses: bcgov/quickstart-openshift-helpers/.github/workflows/.pr-validate.yml@v0.4.1 + with: + markdown_links: | + - [Frontend](https://${{ github.event.repository.name }}-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca) + - [Backend](https://${{ github.event.repository.name }}-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca/api) + + results: + name: Validate Results + if: always() + needs: [validate] + runs-on: ubuntu-22.04 + steps: + - run: | + # View results + echo "needs.*.result: ${{ toJson(needs.*.result) }}" + + - if: contains(needs.*.result, 'failure') + run: | + # Job failure found + echo "At least one job has failed" + exit 1