name: Deployments

# Two entry points share the same five inputs:
#   * workflow_call     - invoked from another workflow; `environment` and
#                         `vault_zone` are free-form strings here.
#   * workflow_dispatch - started by hand; `environment` and `vault_zone` are
#                         limited to the listed choices.
# `vault_zone` is later interpolated into the Vault secret paths and
# `environment` selects the GitHub environment of the job, so on the
# workflow_call path both values are whatever the calling workflow passes.
on:
  workflow_call:
    # Inputs accepted when another workflow calls this one.
    inputs:
      environment:
        description: 'Which environment to deploy to'
        type: string
        required: true
        default: 'dev'
      imagetag:
        description: 'Which image tag to use'
        type: string
        required: true
        default: 'test'
      penetration_test:
        description: 'If penetration test is required'
        type: boolean
        required: true
        default: false
      vault_zone:
        description: 'Which vault zone to use'
        type: string
        required: true
        default: 'dev'
      zone:
        description: 'Which zone to use'
        type: string
        required: true
        default: 'dev'

  workflow_dispatch:
    # Inputs offered when the workflow is started manually.
    inputs:
      environment:
        description: 'Which environment to deploy to'
        type: choice
        required: true
        default: 'dev'
        options:
          - 'dev'
          - 'test'
          - 'prod'
      imagetag:
        description: 'Which image tag to use'
        type: string
        required: true
        default: 'test'
      penetration_test:
        description: 'If penetration test is required'
        type: boolean
        required: true
        default: false
      vault_zone:
        description: 'Which vault zone to use'
        type: choice
        required: true
        default: 'dev'
        options:
          - 'dev'
          - 'test'
          - 'prod'
      zone:
        description: 'Which zone to use'
        type: string
        required: true
        default: 'dev'
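# NOTE(review): no `permissions:` key appears in this file, so GITHUB_TOKEN
# carries the repository default scopes. Consider declaring the minimum the
# deploy action needs once that is confirmed.
jobs:
  deployments:
    name: Deployments
    # The job runs in the GitHub environment named by the `environment` input,
    # so that environment's protection rules and secrets apply to it.
    environment: ${{inputs.environment}}
    runs-on: ubuntu-22.04
    strategy:
      # One matrix job at a time; the first failure cancels the rest.
      # NOTE(review): presumably so `init` is applied before the components;
      # nothing in this file enforces that ordering, confirm.
      max-parallel: 1
      fail-fast: true
      matrix:
        name: [init, backend/vehicles, backend/dops, frontend]
        # Each entry adds the template file and the overwrite flag for the
        # matrix name it matches. No entry defines `parameters`, so
        # `matrix.parameters` in the deploy step expands to an empty string.
        include:
          - name: backend/vehicles
            file: backend/vehicles/openshift.deploy.yml
            overwrite: true
          - name: backend/dops
            file: backend/dops/openshift.deploy.yml
            overwrite: true
          - name: frontend
            file: frontend/openshift.deploy.yml
            overwrite: true
          - name: init
            file: common/openshift.init.yml
            overwrite: false
    steps:
      # Reads the deployment secrets from Vault and exposes them as step
      # outputs only (exportEnv is "false"), so later steps must reference
      # them explicitly through `steps.vault.outputs.*`.
      #
      # NOTE(review): the action is referenced by the mutable tag `v2` and is
      # handed VAULT_TOKEN; pinning it to a full commit SHA means a retagged
      # release cannot change what runs with that token.
      #
      # NOTE(review): `inputs.vault_zone` is part of every secret path. It is
      # a choice on workflow_dispatch but a free-form string on workflow_call,
      # so a calling workflow decides which path is read, within whatever the
      # token's Vault policy allows.
      #
      # NOTE(review): VAULT_DATABASE_PORT is fetched here but is not passed to
      # the deploy step below; drop it if it is not needed.
      - name: Import Secrets
        id: vault
        uses: hashicorp/vault-action@v2
        with:
          url: https://vault.developer.gov.bc.ca
          token: ${{ secrets.VAULT_TOKEN }}
          exportEnv: "false"
          namespace: platform-services
          secrets: |
            ${{secrets.VAULT_ENVIRONMENT}}/data/database-${{inputs.vault_zone}} DATABASE_HOST | VAULT_DATABASE_HOST;
            ${{secrets.VAULT_ENVIRONMENT}}/data/database-${{inputs.vault_zone}} DATABASE_USER | VAULT_DATABASE_USER;
            ${{secrets.VAULT_ENVIRONMENT}}/data/database-${{inputs.vault_zone}} DATABASE_NAME | VAULT_DATABASE_NAME;
            ${{secrets.VAULT_ENVIRONMENT}}/data/database-${{inputs.vault_zone}} DATABASE_PASSWORD | VAULT_DATABASE_PASSWORD;
            ${{secrets.VAULT_ENVIRONMENT}}/data/database-${{inputs.vault_zone}} DATABASE_PORT | VAULT_DATABASE_PORT;
            ${{secrets.VAULT_ENVIRONMENT}}/data/auth0-${{inputs.vault_zone}} AUTH0_ISSUER_URL | VAULT_AUTH0_ISSUER_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/auth0-${{inputs.vault_zone}} AUTH0_AUDIENCE | VAULT_AUTH0_AUDIENCE;
            ${{secrets.VAULT_ENVIRONMENT}}/data/auth0-${{inputs.vault_zone}} AUTH0_IGNORE_EXP | VAULT_AUTH0_IGNORE_EXP;
            ${{secrets.VAULT_ENVIRONMENT}}/data/auth0-${{inputs.vault_zone}} SITEMINDER_LOG_OFF_URL | VAULT_SITEMINDER_LOG_OFF_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_CVSE_FORMS_CACHE_TTL_MS | VAULT_DOPS_CVSE_FORMS_CACHE_TTL_MS;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_ACCESS_TYPE | VAULT_DOPS_S3_ACCESS_TYPE;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_ACCESSKEYID | VAULT_DOPS_S3_ACCESSKEYID;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_BUCKET | VAULT_DOPS_S3_BUCKET;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_PRESIGNED_URL_EXPIRY | VAULT_DOPS_S3_PRESIGNED_URL_EXPIRY;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_ENDPOINT | VAULT_DOPS_S3_ENDPOINT;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_KEY | VAULT_DOPS_S3_KEY;
            ${{secrets.VAULT_ENVIRONMENT}}/data/dops-${{inputs.vault_zone}} DOPS_S3_SECRETACCESSKEY | VAULT_DOPS_S3_SECRETACCESSKEY;
            ${{secrets.VAULT_ENVIRONMENT}}/data/ches-${{inputs.vault_zone}} CHES_TOKEN_URL | VAULT_CHES_TOKEN_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/ches-${{inputs.vault_zone}} CHES_URL | VAULT_CHES_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/ches-${{inputs.vault_zone}} CHES_CLIENT_ID | VAULT_CHES_CLIENT_ID;
            ${{secrets.VAULT_ENVIRONMENT}}/data/ches-${{inputs.vault_zone}} CHES_CLIENT_SECRET | VAULT_CHES_CLIENT_SECRET;
            ${{secrets.VAULT_ENVIRONMENT}}/data/cdogs-${{inputs.vault_zone}} CDOGS_CLIENT_ID | VAULT_CDOGS_CLIENT_ID;
            ${{secrets.VAULT_ENVIRONMENT}}/data/cdogs-${{inputs.vault_zone}} CDOGS_CLIENT_SECRET | VAULT_CDOGS_CLIENT_SECRET;
            ${{secrets.VAULT_ENVIRONMENT}}/data/cdogs-${{inputs.vault_zone}} CDOGS_TOKEN_URL | VAULT_CDOGS_TOKEN_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/cdogs-${{inputs.vault_zone}} CDOGS_URL | VAULT_CDOGS_URL;
            ${{secrets.VAULT_ENVIRONMENT}}/data/be-api-${{inputs.vault_zone}} NODE_ENV | VAULT_NODE_ENV;
            ${{secrets.VAULT_ENVIRONMENT}}/data/payment-${{inputs.vault_zone}} MOTIPAY_API_KEY | VAULT_MOTIPAY_API_KEY;
            ${{secrets.VAULT_ENVIRONMENT}}/data/payment-${{inputs.vault_zone}} MOTIPAY_MERCHANT_ID | VAULT_MOTIPAY_MERCHANT_ID;
            ${{secrets.VAULT_ENVIRONMENT}}/data/payment-${{inputs.vault_zone}} MOTIPAY_BASE_URL | VAULT_MOTIPAY_BASE_URL;

      # Applies the matrix entry's OpenShift template with the values below.
      #
      # NOTE(review): the `uses:` reference was mangled by e-mail obfuscation
      # when this page was captured ("[email protected]" replaces the action
      # name and its ref). Restore the original `owner/repo@ref`, preferably
      # as a full commit SHA, since this step receives OC_TOKEN and every
      # Vault value.
      - uses: bcgov-nr/[email protected]
        with:
          file: ${{ matrix.file }}
          # Fixed: this read `inputs.environmnet`, an input that is not
          # declared, so the namespace expanded to an empty string.
          # NOTE(review): confirm that the environment name (dev/test/prod) is
          # the OpenShift namespace; if it is not, take the namespace from a
          # repository variable or secret instead.
          oc_namespace: ${{ inputs.environment }}
          oc_server: ${{ secrets.OC_SERVER }}
          oc_token: '${{ secrets.OC_TOKEN }}'
          overwrite: ${{ matrix.overwrite }}
          # Folded into one space-separated string of `-p KEY=VALUE` pairs.
          # NOTE(review): Vault values are spliced in unquoted, so a value
          # containing whitespace or shell metacharacters would change how the
          # string is split; check how the deploy action passes it on.
          # Whether these values end up in Secret objects or in plain
          # container env is decided by the templates, which are not shown.
          parameters: >-
            -p ZONE=${{inputs.zone}}
            -p NAME=${{ github.event.repository.name }}
            -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{inputs.imagetag}}
            -p DATABASE_NAME=${{steps.vault.outputs.VAULT_DATABASE_NAME}}
            -p DATABASE_USER=${{steps.vault.outputs.VAULT_DATABASE_USER}}
            -p DATABASE_PASSWORD=${{steps.vault.outputs.VAULT_DATABASE_PASSWORD}}
            -p DATABASE_HOST=${{steps.vault.outputs.VAULT_DATABASE_HOST}}
            -p AUTH0_ISSUER_URL=${{steps.vault.outputs.VAULT_AUTH0_ISSUER_URL}}
            -p AUTH0_AUDIENCE=${{steps.vault.outputs.VAULT_AUTH0_AUDIENCE}}
            -p AUTH0_IGNORE_EXP=${{steps.vault.outputs.VAULT_AUTH0_IGNORE_EXP}}
            -p SITEMINDER_LOG_OFF_URL=${{steps.vault.outputs.VAULT_SITEMINDER_LOG_OFF_URL}}
            -p DOPS_CVSE_FORMS_CACHE_TTL_MS=${{steps.vault.outputs.VAULT_DOPS_CVSE_FORMS_CACHE_TTL_MS}}
            -p DOPS_S3_ACCESS_TYPE=${{steps.vault.outputs.VAULT_DOPS_S3_ACCESS_TYPE}}
            -p DOPS_S3_ACCESSKEYID=${{steps.vault.outputs.VAULT_DOPS_S3_ACCESSKEYID}}
            -p DOPS_S3_BUCKET=${{steps.vault.outputs.VAULT_DOPS_S3_BUCKET}}
            -p DOPS_S3_PRESIGNED_URL_EXPIRY=${{steps.vault.outputs.VAULT_DOPS_S3_PRESIGNED_URL_EXPIRY}}
            -p DOPS_S3_ENDPOINT=${{steps.vault.outputs.VAULT_DOPS_S3_ENDPOINT}}
            -p DOPS_S3_KEY=${{steps.vault.outputs.VAULT_DOPS_S3_KEY}}
            -p DOPS_S3_SECRETACCESSKEY=${{steps.vault.outputs.VAULT_DOPS_S3_SECRETACCESSKEY}}
            -p CHES_TOKEN_URL=${{steps.vault.outputs.VAULT_CHES_TOKEN_URL}}
            -p CHES_CLIENT_ID=${{steps.vault.outputs.VAULT_CHES_CLIENT_ID}}
            -p CHES_CLIENT_SECRET=${{steps.vault.outputs.VAULT_CHES_CLIENT_SECRET}}
            -p CHES_URL=${{steps.vault.outputs.VAULT_CHES_URL}}
            -p CDOGS_CLIENT_ID=${{steps.vault.outputs.VAULT_CDOGS_CLIENT_ID}}
            -p CDOGS_CLIENT_SECRET=${{steps.vault.outputs.VAULT_CDOGS_CLIENT_SECRET}}
            -p CDOGS_TOKEN_URL=${{steps.vault.outputs.VAULT_CDOGS_TOKEN_URL}}
            -p CDOGS_URL=${{steps.vault.outputs.VAULT_CDOGS_URL}}
            -p NODE_ENV=${{steps.vault.outputs.VAULT_NODE_ENV}}
            -p MOTIPAY_API_KEY=${{steps.vault.outputs.VAULT_MOTIPAY_API_KEY}}
            -p MOTIPAY_MERCHANT_ID=${{steps.vault.outputs.VAULT_MOTIPAY_MERCHANT_ID}}
            -p MOTIPAY_BASE_URL=${{steps.vault.outputs.VAULT_MOTIPAY_BASE_URL}}
            ${{ matrix.parameters }}
          # NOTE(review): the `penetration_test` input declared by both
          # triggers is not referenced anywhere in this job; the scan is
          # switched on by the event name instead. Confirm which of the two is
          # meant to decide.
          penetration_test: ${{ github.event_name != 'pull_request'}}
          penetration_test_issue: ${{ matrix.name }}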