Add dv and pt review environments

DFE-Digital · Jan 3, 2025 · 9a9e0d2 · 9a9e0d2
1 parent d248184
commit 9a9e0d2
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 18 deletions.
diff --git a/.github/actions/deploy-environment/action.yml b/.github/actions/deploy-environment/action.yml
@@ -20,6 +20,9 @@ inputs:
   azure-tenant-id:
     description: Azure tenant ID
     required: true
+  dev-cluster:
+    description: Development cluster name (Optional)
+    required: false
 
 runs:
   using: composite
@@ -43,6 +46,7 @@ runs:
       env:
         DOCKER_IMAGE_TAG: ${{ inputs.docker-image }}
         PR_NUMBER: ${{ inputs.pull-request-number }}
+        CLUSTER: ${{ inputs.dev-cluster }}
 
     - name: Extract Terraform outputs
       shell: bash

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -13,32 +13,41 @@ on:
           - review
           - staging
           - sandbox
-          - dv
+          - dv_review
+          - pt_review
       sha:
         description: Commit sha to be deployed
         required: true
-      pr_number:
-        description: PR number
+      pr-number:
+        description: PR number for review apps (Optional)
+        required: false
+      dev-cluster:
+        description: Development cluster name (Optional)
         required: false
 
 jobs:
   deploy:
-    name: ${{ github.event.inputs.environment }} deployment
+    name: ${{ inputs.environment }} deployment
     environment:
-      name: ${{ github.event.inputs.environment }}
+      name: ${{ inputs.environment }}
     concurrency: deploy_all
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      id-token: write
 
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - uses: azure/login@v2
         with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
 
       - name: Fetch secrets from key vault
-        if: ${{ github.event.inputs.environment != 'review' }}
+        if: ${{ inputs.environment != 'review' && inputs.environment != 'dv_review' }}
         uses: azure/CLI@v2
         id: keyvault-yaml-secret
         with:
@@ -50,13 +59,16 @@ jobs:
       - uses: ./.github/actions/deploy-environment
         id: deploy
         with:
-          environment: ${{ github.event.inputs.environment }}
-          docker-image: ${{ github.event.inputs.sha }}
-          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
-          pull-request-number: ${{ github.event.inputs.pr_number }}
+          environment: ${{ inputs.environment }}
+          docker-image: ${{ inputs.sha }}
+          azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          pull-request-number: ${{ inputs.pr-number }}
+          dev-cluster: ${{ inputs.dev-cluster }}
 
-      - name: Post comment to Pull Request ${{ github.event.inputs.pr_number }}
-        if: ${{ github.event.inputs.environment == 'review' }}
+      - name: Post comment to Pull Request ${{ inputs.pr-number }}
+        if: ${{ inputs.environment != 'review' && inputs.environment != 'dv_review' }}
         uses: marocchino/sticky-pull-request-comment@v2
         with:
           header: aks
@@ -65,14 +77,14 @@ jobs:
 
             | App               | URL                                                                                      |
             | ----------------- | ---------------------------------------------------------------------------------------- |
-            | Track & Pay       | <https://track-and-pay-${{ github.event.inputs.pr_number }}.test.teacherservices.cloud>            |
-            | School Placements | <https://manage-school-placements-${{ github.event.inputs.pr_number }}.test.teacherservices.cloud> |
+            | Track & Pay       | <https://track-and-pay-${{ inputs.pr-number }}.test.teacherservices.cloud>            |
+            | School Placements | <https://manage-school-placements-${{ inputs.pr-number }}.test.teacherservices.cloud> |
 
       - name: Slack Notification
-        if: ${{ failure() && github.event.inputs.environment != 'review' }}
+        if: ${{ failure() && inputs.environment != 'review' }}
         uses: rtCamp/action-slack-notify@master
         env:
           SLACK_COLOR: failure
-          SLACK_TITLE: Failure deploying release to${{ github.event.inputs.environment }}
-          SLACK_MESSAGE: Failure deploying release to ${{ github.event.inputs.environment }} - Docker tag ${{ github.event.inputs.sha }}
+          SLACK_TITLE: Failure deploying release to${{ inputs.environment }}
+          SLACK_MESSAGE: Failure deploying release to ${{ inputs.environment }} - Docker tag ${{ inputs.sha }}
           SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }}
diff --git a/Makefile b/Makefile
@@ -21,6 +21,11 @@ dv_review: dev-cluster
 	$(eval ENVIRONMENT=${PR_NUMBER})
 	$(eval include global_config/dv_review.sh)
 
+pt_review: platform-test-cluster
+	$(if ${PR_NUMBER},,$(error Missing PR_NUMBER))
+	$(eval ENVIRONMENT=${PR_NUMBER})
+	$(eval include global_config/pt_review.sh)
+
 .PHONY: qa
 qa: test-cluster
 	$(eval include global_config/qa.sh)
@@ -141,6 +146,10 @@ dev-cluster:
 	$(eval CLUSTER_RESOURCE_GROUP_NAME=s189d01-tsc-dv-rg)
 	$(eval CLUSTER_NAME=s189d01-tsc-${CLUSTER}-aks)
 
+platform-test-cluster:
+	$(eval CLUSTER_RESOURCE_GROUP_NAME=s189t01-tsc-pt-rg)
+	$(eval CLUSTER_NAME=s189t01-tsc-platform-test-aks)
+
 test-cluster:
 	$(eval CLUSTER_RESOURCE_GROUP_NAME=s189t01-tsc-ts-rg)
 	$(eval CLUSTER_NAME=s189t01-tsc-test-aks)

diff --git a/global_config/production.sh b/global_config/production.sh
@@ -1,4 +1,5 @@
 CONFIG=production
+ENVIRONMENT=production
 CONFIG_SHORT=pd
 AZURE_SUBSCRIPTION=s189-teacher-services-cloud-production
 AZURE_RESOURCE_PREFIX=s189p01

diff --git a/global_config/pt_review.sh b/global_config/pt_review.sh
@@ -0,0 +1,6 @@
+CONFIG=pt_review
+CONFIG_SHORT=pt
+AZURE_SUBSCRIPTION=s189-teacher-services-cloud-test
+AZURE_RESOURCE_PREFIX=s189t01
+KV_PURGE_PROTECTION=false
+TERRAFORM_MODULES_TAG=main
diff --git a/terraform/application/config/pt_review.tfvars.json b/terraform/application/config/pt_review.tfvars.json
@@ -0,0 +1,6 @@
+{
+  "cluster": "platform-test",
+  "namespace": "development",
+  "deploy_azure_backing_services": false,
+  "enable_postgres_ssl": false
+}
diff --git a/terraform/application/config/pt_review_app_env.yml b/terraform/application/config/pt_review_app_env.yml
@@ -0,0 +1,11 @@
+---
+HOSTING_ENV: review
+
+# API integrations
+GIAS_CSV_BASE_URL: https://ea-edubase-api-prod.azurewebsites.net/edubase/downloads/public
+PUBLISH_BASE_URL: https://qa.api.publish-teacher-training-courses.service.gov.uk
+TEACHING_RECORD_BASE_URL: https://preprod.teacher-qualifications-api.education.gov.uk
+TEACHING_RECORD_API_MINOR_VERSION: 20240416
+
+# User authentication
+SIGN_IN_METHOD: persona