From a75968d2474eee6e7688bf84572df848122cd555 Mon Sep 17 00:00:00 2001
From: RMcVelia
Date: Wed, 30 Oct 2024 17:02:59 +0000
Subject: [PATCH] WIP
---
deploy-to-aks/README.md | 15 +++---
deploy-to-aks/action.yml | 102 ++++++++++++++++++++++-----------------
2 files changed, 66 insertions(+), 51 deletions(-)
diff --git a/deploy-to-aks/README.md b/deploy-to-aks/README.md
index 657cb82..7d037d3 100644
--- a/deploy-to-aks/README.md
+++ b/deploy-to-aks/README.md
@@ -6,17 +6,21 @@ Optionally after deployment - if enabled, it will run 'make review seed-review-app' so this must exist in the Makefile - run a smoktest after deployment +If using Google Cloud then GCP_PROJECT_ID abd GCP_WIP variables must be set in the service Makefile. + ## Inputs - `azure-credentials`: A JSON string containing service principle credentials (Required) - `environment`: Name of the environment to deploy (Required) - `github-token`: Default Github token retrieved via secrets. GITHUB_TOKEN or PAT with permission to the repository (Required) - `pr-number`: Pull Request Number if deploying a review app (Optional) -- `seed-review-app`: Run seed command after review deployment (default: false) +- `db-seed`: Run seed command after review deployment (default: false) - `sha`: commit sha of the docker image to be deployed (Required) - `slack-webhook` : A slack webhook to send a slack message to the service tech channel on deploy failure (Optional) -- `smoketest-cmd` : Smoke test url path (Optional) -- `tf-url-output` : Name of the terraform url output, which must be json parsable (default: 'url') -- `tf-path` : Name of the base terraform path (default: 'terraform/application') +- `smoke-test` : Run an application smoke test after deployment (default: false) +- `healthcheck` : Health check path (Optional) +- `terraform-url-output` : Name of the terraform url output, which must be json parsable (default: 'external_urls') +- `terraform-base` : Name of the base terraform path (default: 'terraform/application') +- `terraform-provider` : Name of the file containing the terraform provider (default: 'terraform.tf') ## Example @@ -33,7 +37,6 @@ Optionally after deployment github-token: ${{ secrets.GITHUB_TOKEN }} pr-number: ${{ github.event.pull_request.number }} sha: ${{ needs.build.outputs.docker-image-tag }} - tf-path: ${{ env.TF_PATH }} - smoketest-cmd: 'healthcheck/all' + healthcheck: 'healthcheck/all' seed-review-app: true ``` 
diff --git a/deploy-to-aks/action.yml b/deploy-to-aks/action.yml index 198135a..e477c98 100644 --- a/deploy-to-aks/action.yml +++ b/deploy-to-aks/action.yml @@ -13,37 +13,48 @@ inputs: pr-number: description: PR number for the review app required: false - seed-review-app: - description: run seed command after a review deployment - type: boolean - required: false - default: false sha: description: Commit sha to be deployed required: true slack-webhook: required: false - smoketest-cmd: - description: smoketest url suffix + db-seed: + description: run seed command after a review deployment + type: boolean + required: false + default: false + smoke-test: + description: Enable smoke test after deployment + type: boolean + required: false + default: false + healthcheck: + description: Health check path required: false - tf-url-output: - description: terraform output that contains the url + terraform-url-output: + description: terraform output that contains the app urls required: false - default: 'url' - tf-path: + default: 'external_urls' + terraform-base: description: path to the terraform files required: false default: 'terraform/application' + terraform-provider: + description: file containing terraform provider + required: false + default: 'terraform.tf' runs: using: composite steps: - name: Set Environment variables - id: set_tf_var + id: set_env_var shell: bash run: | - terraform_version=$(awk '/{/{f=/^terraform/;next}f' ${{ inputs.tf-path }}/terraform.tf | grep -o [0-9\.]*) + terraform_version=$(awk '/{/{f=/^terraform/;next}f' ${{ inputs.terraform-base }}/${{ inputs.terraform-provider }} | grep -o [0-9\.]*) echo "TERRAFORM_VERSION=$terraform_version" >> $GITHUB_ENV + echo "GCP_PROJECT_ID=$(make -s printvar-GCP_PROJECT_ID || true)" >> $GITHUB_ENV + echo "GCP_WIP=$(make -s printvar-GCP_WIP || true)" >> $GITHUB_ENV - name: Use Terraform ${{ env.TERRAFORM_VERSION }} uses: hashicorp/setup-terraform@v3 
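Review bot: The `${{ inputs.terraform-base }}/${{ inputs.terraform-provider }}` expressions in the `Set Environment variables` run block are pasted into the script text before bash parses it, so a value containing spaces or shell metacharacters alters the command instead of just naming a file. Passing them through the step's `env:` and referencing them quoted, e.g. `awk '/{/{f=/^terraform/;next}f' "$TF_BASE/$TF_PROVIDER"`, keeps them as data; the same pattern appears with `inputs.healthcheck`, `inputs.terraform-url-output` and `inputs.pr-number` in the healthcheck hunk and with `inputs.environment` in the smoke-test hunk. The `make -s printvar-GCP_PROJECT_ID || true` and `make -s printvar-GCP_WIP || true` lines append whatever make prints to `$GITHUB_ENV`, so multi-line output would define extra variables for every later step; it is worth confirming the target prints exactly one line. The `grep -o [0-9\.]*` pattern is also unquoted and subject to filename globbing, which `grep -o '[0-9.]*'` avoids. The `steps:` list continues beyond this hunk.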
@@ -52,23 +63,20 @@ runs: terraform_wrapper: false - uses: azure/login@v2 + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} with: creds: ${{ inputs.azure-credentials }} + - uses: google-github-actions/auth@v2 + if: ${{ ( env.PROJECT_ID != '' && env.WIP != '' ) }} + with: + project_id: ${{ env.PROJECT_ID }} + workload_identity_provider: ${{ env.WIP }} + - uses: DFE-Digital/github-actions/set-kubelogin-environment@master with: azure-credentials: ${{ inputs.azure-credentials }} - # - name: Start review-${{ github.event.pull_request.number }} Deployment - # uses: bobheadxi/deployments@v1 - # id: deployment - # if: inputs.pr-number != '' - # with: - # env: review-${{ inputs.pr-number }} - # ref: ${{ github.head_ref }} - # step: start - # token: ${{ inputs.github-token }} - - name: Terraform apply shell: bash run: make ${{ inputs.environment }} ci terraform-apply 
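Review bot: The new `google-github-actions/auth@v2` step is gated on `env.PROJECT_ID` and `env.WIP`, but the `Set Environment variables` step in the previous hunk exports `GCP_PROJECT_ID` and `GCP_WIP`, so unless a caller happens to set the shorter names the condition is always false and Google authentication is silently skipped. Use the exported names in both places: `if: ${{ env.GCP_PROJECT_ID != '' && env.GCP_WIP != '' }}`, `project_id: ${{ env.GCP_PROJECT_ID }}` and `workload_identity_provider: ${{ env.GCP_WIP }}`. Separately, `azure/login@v2` now runs only when `db-seed` is true on `review`, while `Terraform apply` still runs for every environment; please confirm that `set-kubelogin-environment` alone supplies the Azure credentials terraform needs. The added action is referenced by a movable tag, and pinning it to a full commit SHA would make the step that handles the workload identity provider reproducible.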
@@ -77,39 +85,32 @@ runs: PR_NUMBER: ${{ inputs.pr-number }} - name: Install kubectl - if: inputs.seed-review-app == 'true' + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} uses: DFE-Digital/github-actions/set-kubectl@master - name: Seed review app shell: bash - if: inputs.seed-review-app == 'true' - run: make ci ${{ inputs.environment }} seed-review-app + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} + run: make ci ${{ inputs.environment }} db-seed env: PR_NUMBER: ${{ inputs.pr-number }} - - name: Run smoke tests - if: inputs.smoketest-cmd != '' + - name: Run healthcheck + if: ${{ inputs.healthcheck != '' }} shell: bash run: | - urls=$(terraform -chdir=${{ inputs.tf-path }} output -json ${{ inputs.tf-url-output }} | jq -r '.[]') + urls=$(terraform -chdir=${{ inputs.terraform-base }} output -json ${{ inputs.terraform-url-output }} | jq -r '.[]') for url in $urls; do - echo "Check health for $url/${{ inputs.smoketest-cmd }}..." - curl -sS --fail "$url/${{ inputs.smoketest-cmd }}" > /dev/null && echo "Health check passed for $url" || echo "Health check failed for $url" + echo "Check health for $url/${{ inputs.healthcheck }}..." 
+ curl -sS --fail "$url/${{ inputs.healthcheck }}" > /dev/null && echo "Health check passed for $url" || echo "Health check failed for $url" done - echo "URLS<> $GITHUB_ENV - echo $urls >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - # - name: Update review-${{ inputs.pr-number }} status - # if: always() && inputs.pr-number != '' - # uses: bobheadxi/deployments@v1 - # with: - # env: review-${{ inputs.pr-number }} - # ref: ${{ github.head_ref }} - # step: finish - # token: ${{ inputs.github-token }} - # status: ${{ job.status }} - # deployment_id: ${{ steps.deployment.outputs.deployment_id }} + if [ ${{ inputs.pr-number }} != '' ]; then + echo "URLS<> $GITHUB_ENV + for url in $urls; do + echo $url >> $GITHUB_ENV + done + echo "EOF" >> $GITHUB_ENV + fi - name: Post comment to Pull Request ${{ inputs.pr-number }} if: inputs.pr-number != '' @@ -123,6 +124,17 @@ runs: | ---------------------------------------------------------------------------------------- | | ${{ env.URLS }} | + - name: Run smoke test + shell: bash + if: ${{ inputs.smoke-test == 'true' }} + env: + PR_NUMBER: ${{ inputs.pr-number }} +# Could run one of the below commands, but how would you know what env vars to pass to the script? +# I'm not convinced this is going to work very well looking at existing app smoke tests + run: | + make ci ${{ inputs.environment }} smoke-test + bin/smoke + - name: Notify Slack channel on job failure if: ${{ failure() && github.ref == 'refs/heads/main' }} uses: rtCamp/action-slack-notify@master
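Review bot: In the `Run healthcheck` loop, `curl -sS --fail … && echo "Health check passed for $url" || echo "Health check failed for $url"` always ends on a successful `echo`, so an unhealthy deployment never fails the step and the `failure()`-gated Slack notification does not fire for it. If the check is meant to gate the deploy, record the failure and exit non-zero after the loop, e.g. `curl -sS --fail "$url/$HEALTHCHECK" > /dev/null || failed=1` followed by `[ -z "${failed:-}" ] || exit 1`; if it is advisory only, a comment saying so would help. The added `if [ ${{ inputs.pr-number }} != '' ]` expands to `[ != '' ]` when no PR number is given, which prints a test error and skips the branch only by accident; `if [ -n "$PR_NUMBER" ]` with `PR_NUMBER: ${{ inputs.pr-number }}` in the step's `env:` is the robust form. The step list continues past the end of this hunk.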
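Review bot: The `run:` block of the new `Run smoke test` step executes both `make ci ${{ inputs.environment }} smoke-test` and `bin/smoke`, although the comment above it reads as if only one of them was meant to run; a consuming repository that provides only one of the two will fail the step whenever `smoke-test` is `true`. Pick one entry point and replace the two open-question comment lines with a statement of the contract, for example `# Requires a smoke-test target in the service Makefile; PR_NUMBER is the only variable passed to it`. The comment lines sit at column 0 between `env:` and `run:`, which still parses but reads as if the step had ended, so indenting them to the level of the step's keys would help.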