Skip to content

Commit

Permalink
migrated to APIOps
Browse files Browse the repository at this point in the history
  • Loading branch information
cmendible committed Sep 8, 2023
1 parent 2cb335f commit c1c5072
Show file tree
Hide file tree
Showing 26 changed files with 481 additions and 198 deletions.
110 changes: 0 additions & 110 deletions .github/workflows/apis-deployment.yaml

This file was deleted.

89 changes: 89 additions & 0 deletions .github/workflows/deploy-apis-with-apiops.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
name: Deploy APIs via APIOps

on:
push:
branches:
- main
- dev
paths:
- "apiops/**"
- ".github/workflows/deploy-apis-with-apiops.yaml"
- ".github/workflows/run-publisher-with-env.yaml"

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
inputs:
COMMIT_ID_CHOICE:
description: 'Choose "publish-all-artifacts-in-repo" only when you want to force republishing all artifacts (e.g. after build failure). Otherwise stick with the default behavior of "publish-artifacts-in-last-commit"'
required: true
type: choice
default: "publish-artifacts-in-last-commit"
options:
- "publish-artifacts-in-last-commit"
- "publish-all-artifacts-in-repo"

env:
APIS_FOLDER: apiops

jobs:
get-commit:
runs-on: ubuntu-latest
steps:
# Set the COMMIT_ID env variable
- name: Set the Commit Id
id: commit
run: |
echo "::set-output name=commit_id::${{ github.sha }}"
outputs:
commit_id: ${{ steps.commit.outputs.commit_id }}
get-apis-folder:
runs-on: ubuntu-latest
steps:
# Set the COMMIT_ID env variable
- name: Set the APIS folder Id
id: apis_folder
run: |
echo $APIS_FOLDER
outputs:
apis_folder: ${{ env.APIS_FOLDER }}
#Publish with Commit ID
Push-Changes-To-APIM-Dev-With-Commit-ID:
if: (github.event.inputs.COMMIT_ID_CHOICE == 'publish-artifacts-in-last-commit' || github.event.inputs.COMMIT_ID_CHOICE == '')
needs: [get-commit, get-apis-folder]
uses: ./.github/workflows/run-publisher-with-env.yaml
with:
API_MANAGEMENT_ENVIRONMENT: dev # change this to match the dev environment created in settings
COMMIT_ID: ${{ needs.get-commit.outputs.commit_id }}
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ needs.get-apis-folder.outputs.apis_folder }} # change this to the artifacts folder
secrets: inherit

#Publish without Commit ID. Publishes all artifacts that reside in the artifacts forlder
Push-Changes-To-APIM-Dev-Without-Commit-ID:
if: ( github.event.inputs.COMMIT_ID_CHOICE == 'publish-all-artifacts-in-repo' )
needs: [get-commit, get-apis-folder]
uses: ./.github/workflows/run-publisher-with-env.yaml
with:
API_MANAGEMENT_ENVIRONMENT: dev # change this to match the dev environment created in settings
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ needs.get-apis-folder.outputs.apis_folder }} # change this to the artifacts folder
secrets: inherit

Push-Changes-To-APIM-Prod-With-Commit-ID:
if: (github.event.inputs.COMMIT_ID_CHOICE == 'publish-artifacts-in-last-commit' || github.event.inputs.COMMIT_ID_CHOICE == '')
needs: [get-commit, get-apis-folder, Push-Changes-To-APIM-Dev-With-Commit-ID]
uses: ./.github/workflows/run-publisher-with-env.yaml
with:
API_MANAGEMENT_ENVIRONMENT: prod # change this to match the prod environment created in settings
CONFIGURATION_YAML_PATH: configuration.prod.yaml # make sure the file is available at the root
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ needs.get-apis-folder.outputs.apis_folder }} # change this to the artifacts folder
COMMIT_ID: ${{ needs.get-commit.outputs.commit_id }}
secrets: inherit

Push-Changes-To-APIM-Prod-Without-Commit-ID:
if: ( github.event.inputs.COMMIT_ID_CHOICE == 'publish-all-artifacts-in-repo' )
needs: [get-commit, get-apis-folder, Push-Changes-To-APIM-Dev-Without-Commit-ID]
uses: ./.github/workflows/run-publisher-with-env.yaml
with:
API_MANAGEMENT_ENVIRONMENT: prod # change this to match the prod environment created in settings
CONFIGURATION_YAML_PATH: configuration.prod.yaml # make sure the file is available at the root
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ needs.get-apis-folder.outputs.apis_folder }} # change this to the artifacts folder
secrets: inherit
196 changes: 196 additions & 0 deletions .github/workflows/run-publisher-with-env.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,196 @@
name: Run Publisher with Environment

on:
workflow_call:
inputs:
API_MANAGEMENT_ENVIRONMENT:
required: true
type: string
CONFIGURATION_YAML_PATH:
required: false
type: string
COMMIT_ID:
required: false
type: string
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH:
required: true
type: string

env:
apiops_release_version: v4.9.1
#By default, this will be Information but if you want something different you will need to add a variable in the Settings -> Environment -> Environment variables section
Logging__LogLevel__Default: ${{ vars.LOG_LEVEL }}

jobs:
build:
runs-on: ubuntu-latest
environment: ${{ inputs.API_MANAGEMENT_ENVIRONMENT }}
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
with:
fetch-depth: 2

# Run Spectral
- uses: actions/setup-node@v3
with:
node-version: "14"
- run: npm install -g @stoplight/spectral
- run: spectral lint "${{ GITHUB.WORKSPACE }}/${{ inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH }}\apis\*.{json,yml,yaml}" --ruleset https://raw.githubusercontent.com/connectedcircuits/devops-api-linter/main/rules.yaml

# Add this step for each APIM environment and pass specific set of secrets that you want replaced in the env section below
- name: "Perform namevalue secret substitution in configuration.${{ inputs.API_MANAGEMENT_ENVIRONMENT}}.yaml"
if: (inputs.API_MANAGEMENT_ENVIRONMENT == 'prod' )
uses: cschleiden/[email protected]
with:
tokenPrefix: "{#"
tokenSuffix: "#}"
files: ${{ format('["**/configuration.{0}.yaml"]', inputs.API_MANAGEMENT_ENVIRONMENT) }}
# specify environment specific secrets to be replaced. For example the QA environment could have a different set sercrets to
# replace within the configuration.[environment].yaml file
env:
testSecretValue: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}

- name: Run publisher without Config Yaml but with Commit ID
if: ( inputs.CONFIGURATION_YAML_PATH == '' && inputs.COMMIT_ID != '')
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
API_MANAGEMENT_SERVICE_NAME: ${{ secrets.API_MANAGEMENT_SERVICE_NAME }}
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH }}
COMMIT_ID: ${{ inputs.COMMIT_ID }}
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$VerbosePreference = "Continue"
$InformationPreference = "Continue"
Write-Information "Downloading publisher..."
$publisherFileName = "${{ runner.os }}" -like "*win*" ? "publisher.win-x64.exe" : "publisher.linux-x64.exe"
$uri = "https://github.com/Azure/apiops/releases/download/${{ env.apiops_release_version }}/$publisherFileName"
$destinationFilePath = Join-Path "${{ runner.temp }}" "publisher.exe"
Invoke-WebRequest -Uri "$uri" -OutFile "$destinationFilePath"
if ("${{ runner.os }}" -like "*linux*")
{
Write-Information "Setting file permissions..."
& chmod +x "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Setting file permissions failed."}
}
& "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Running publisher failed."}
Write-Information "Execution complete."
shell: pwsh

- name: Run publisher without Config Yaml or Commit ID
if: ( inputs.CONFIGURATION_YAML_PATH == '' && inputs.COMMIT_ID == '')
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
API_MANAGEMENT_SERVICE_NAME: ${{ secrets.API_MANAGEMENT_SERVICE_NAME }}
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH }}
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$VerbosePreference = "Continue"
$InformationPreference = "Continue"
Write-Information "Downloading publisher..."
$publisherFileName = "${{ runner.os }}" -like "*win*" ? "publisher.win-x64.exe" : "publisher.linux-x64.exe"
$uri = "https://github.com/Azure/apiops/releases/download/${{ env.apiops_release_version }}/$publisherFileName"
$destinationFilePath = Join-Path "${{ runner.temp }}" "publisher.exe"
Invoke-WebRequest -Uri "$uri" -OutFile "$destinationFilePath"
if ("${{ runner.os }}" -like "*linux*")
{
Write-Information "Setting file permissions..."
& chmod +x "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Setting file permissions failed."}
}
& "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Running publisher failed."}
Write-Information "Execution complete."
shell: pwsh

- name: Run publisher with Config Yaml and Commit id
if: ( inputs.CONFIGURATION_YAML_PATH != '' && inputs.COMMIT_ID != '')
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
API_MANAGEMENT_SERVICE_NAME: ${{ secrets.API_MANAGEMENT_SERVICE_NAME }}
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH }}
CONFIGURATION_YAML_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.CONFIGURATION_YAML_PATH }}
COMMIT_ID: ${{ inputs.COMMIT_ID }}
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$VerbosePreference = "Continue"
$InformationPreference = "Continue"
Write-Information "Downloading publisher..."
$publisherFileName = "${{ runner.os }}" -like "*win*" ? "publisher.win-x64.exe" : "publisher.linux-x64.exe"
$uri = "https://github.com/Azure/apiops/releases/download/${{ env.apiops_release_version }}/$publisherFileName"
$destinationFilePath = Join-Path "${{ runner.temp }}" "publisher.exe"
Invoke-WebRequest -Uri "$uri" -OutFile "$destinationFilePath"
if ("${{ runner.os }}" -like "*linux*")
{
Write-Information "Setting file permissions..."
& chmod +x "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Setting file permissions failed."}
}
& "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Running publisher failed."}
Write-Information "Execution complete."
shell: pwsh

- name: Run publisher with Config Yaml but without Commit id
if: ( inputs.CONFIGURATION_YAML_PATH != '' && inputs.COMMIT_ID == '')
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
API_MANAGEMENT_SERVICE_NAME: ${{ secrets.API_MANAGEMENT_SERVICE_NAME }}
API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH }}
CONFIGURATION_YAML_PATH: ${{ GITHUB.WORKSPACE }}/${{ inputs.CONFIGURATION_YAML_PATH }}
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$VerbosePreference = "Continue"
$InformationPreference = "Continue"
Write-Information "Downloading publisher..."
$publisherFileName = "${{ runner.os }}" -like "*win*" ? "publisher.win-x64.exe" : "publisher.linux-x64.exe"
$uri = "https://github.com/Azure/apiops/releases/download/${{ env.apiops_release_version }}/$publisherFileName"
$destinationFilePath = Join-Path "${{ runner.temp }}" "publisher.exe"
Invoke-WebRequest -Uri "$uri" -OutFile "$destinationFilePath"
if ("${{ runner.os }}" -like "*linux*")
{
Write-Information "Setting file permissions..."
& chmod +x "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Setting file permissions failed."}
}
& "$destinationFilePath"
if ($LASTEXITCODE -ne 0) { throw "Running publisher failed."}
Write-Information "Execution complete."
shell: pwsh
Loading

0 comments on commit c1c5072

Please sign in to comment.