From 9a9e0d256ad8d5c1126d04c6fe8d44408174df88 Mon Sep 17 00:00:00 2001 From: Colin Saliceti Date: Fri, 20 Dec 2024 14:38:44 +0000 Subject: [PATCH] Add dv and pt review environments --- .github/actions/deploy-environment/action.yml | 4 ++ .github/workflows/deploy.yml | 48 ++++++++++++------- Makefile | 9 ++++ global_config/production.sh | 1 + global_config/pt_review.sh | 6 +++ .../application/config/pt_review.tfvars.json | 6 +++ .../application/config/pt_review_app_env.yml | 11 +++++ 7 files changed, 67 insertions(+), 18 deletions(-) create mode 100644 global_config/pt_review.sh create mode 100644 terraform/application/config/pt_review.tfvars.json create mode 100644 terraform/application/config/pt_review_app_env.yml diff --git a/.github/actions/deploy-environment/action.yml b/.github/actions/deploy-environment/action.yml index ef76944ac..234a3adfe 100644 --- a/.github/actions/deploy-environment/action.yml +++ b/.github/actions/deploy-environment/action.yml @@ -20,6 +20,9 @@ inputs: azure-tenant-id: description: Azure tenant ID required: true + dev-cluster: + description: Development cluster name (Optional) + required: false runs: using: composite @@ -43,6 +46,7 @@ runs: env: DOCKER_IMAGE_TAG: ${{ inputs.docker-image }} PR_NUMBER: ${{ inputs.pull-request-number }} + CLUSTER: ${{ inputs.dev-cluster }} - name: Extract Terraform outputs shell: bash diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 9e07d828c..cf4c3fc6a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,21 +13,28 @@ on: - review - staging - sandbox - - dv + - dv_review + - pt_review sha: description: Commit sha to be deployed required: true - pr_number: - description: PR number + pr-number: + description: PR number for review apps (Optional) + required: false + dev-cluster: + description: Development cluster name (Optional) required: false jobs: deploy: - name: ${{ github.event.inputs.environment }} deployment + name: ${{ inputs.environment }} deployment environment: - name: ${{ github.event.inputs.environment }} + name: ${{ inputs.environment }} concurrency: deploy_all runs-on: ubuntu-latest + permissions: + pull-requests: write + id-token: write steps: - name: Checkout @@ -35,10 +42,12 @@ jobs: - uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} - name: Fetch secrets from key vault - if: ${{ github.event.inputs.environment != 'review' }} + if: ${{ inputs.environment != 'review' && inputs.environment != 'dv_review' }} uses: azure/CLI@v2 id: keyvault-yaml-secret with: @@ -50,13 +59,16 @@ jobs: - uses: ./.github/actions/deploy-environment id: deploy with: - environment: ${{ github.event.inputs.environment }} - docker-image: ${{ github.event.inputs.sha }} - azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} - pull-request-number: ${{ github.event.inputs.pr_number }} + environment: ${{ inputs.environment }} + docker-image: ${{ inputs.sha }} + azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} + azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} + pull-request-number: ${{ inputs.pr-number }} + dev-cluster: ${{ inputs.dev-cluster }} - - name: Post comment to Pull Request ${{ github.event.inputs.pr_number }} - if: ${{ github.event.inputs.environment == 'review' }} + - name: Post comment to Pull Request ${{ inputs.pr-number }} + if: ${{ inputs.environment != 'review' && inputs.environment != 'dv_review' }} uses: marocchino/sticky-pull-request-comment@v2 with: header: aks @@ -65,14 +77,14 @@ jobs: | App | URL | | ----------------- | ---------------------------------------------------------------------------------------- | - | Track & Pay | | - | School Placements | | + | Track & Pay | | + | School Placements | | - name: Slack Notification - if: ${{ failure() && github.event.inputs.environment != 'review' }} + if: ${{ failure() && inputs.environment != 'review' }} uses: rtCamp/action-slack-notify@master env: SLACK_COLOR: failure - SLACK_TITLE: Failure deploying release to${{ github.event.inputs.environment }} - SLACK_MESSAGE: Failure deploying release to ${{ github.event.inputs.environment }} - Docker tag ${{ github.event.inputs.sha }} + SLACK_TITLE: Failure deploying release to${{ inputs.environment }} + SLACK_MESSAGE: Failure deploying release to ${{ inputs.environment }} - Docker tag ${{ inputs.sha }} SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }} diff --git a/Makefile b/Makefile index 7bdcb4f9c..bdc788824 100644 --- a/Makefile +++ b/Makefile @@ -21,6 +21,11 @@ dv_review: dev-cluster $(eval ENVIRONMENT=${PR_NUMBER}) $(eval include global_config/dv_review.sh) +pt_review: platform-test-cluster + $(if ${PR_NUMBER},,$(error Missing PR_NUMBER)) + $(eval ENVIRONMENT=${PR_NUMBER}) + $(eval include global_config/pt_review.sh) + .PHONY: qa qa: test-cluster $(eval include global_config/qa.sh) @@ -141,6 +146,10 @@ dev-cluster: $(eval CLUSTER_RESOURCE_GROUP_NAME=s189d01-tsc-dv-rg) $(eval CLUSTER_NAME=s189d01-tsc-${CLUSTER}-aks) +platform-test-cluster: + $(eval CLUSTER_RESOURCE_GROUP_NAME=s189t01-tsc-pt-rg) + $(eval CLUSTER_NAME=s189t01-tsc-platform-test-aks) + test-cluster: $(eval CLUSTER_RESOURCE_GROUP_NAME=s189t01-tsc-ts-rg) $(eval CLUSTER_NAME=s189t01-tsc-test-aks) diff --git a/global_config/production.sh b/global_config/production.sh index 609e01ea2..82da93efe 100644 --- a/global_config/production.sh +++ b/global_config/production.sh @@ -1,4 +1,5 @@ CONFIG=production +ENVIRONMENT=production CONFIG_SHORT=pd AZURE_SUBSCRIPTION=s189-teacher-services-cloud-production AZURE_RESOURCE_PREFIX=s189p01 diff --git a/global_config/pt_review.sh b/global_config/pt_review.sh new file mode 100644 index 000000000..4bd6719f8 --- /dev/null +++ b/global_config/pt_review.sh @@ -0,0 +1,6 @@ +CONFIG=pt_review +CONFIG_SHORT=pt +AZURE_SUBSCRIPTION=s189-teacher-services-cloud-test +AZURE_RESOURCE_PREFIX=s189t01 +KV_PURGE_PROTECTION=false +TERRAFORM_MODULES_TAG=main diff --git a/terraform/application/config/pt_review.tfvars.json b/terraform/application/config/pt_review.tfvars.json new file mode 100644 index 000000000..09d395f48 --- /dev/null +++ b/terraform/application/config/pt_review.tfvars.json @@ -0,0 +1,6 @@ +{ + "cluster": "platform-test", + "namespace": "development", + "deploy_azure_backing_services": false, + "enable_postgres_ssl": false +} diff --git a/terraform/application/config/pt_review_app_env.yml b/terraform/application/config/pt_review_app_env.yml new file mode 100644 index 000000000..9ff365b18 --- /dev/null +++ b/terraform/application/config/pt_review_app_env.yml @@ -0,0 +1,11 @@ +--- +HOSTING_ENV: review + +# API integrations +GIAS_CSV_BASE_URL: https://ea-edubase-api-prod.azurewebsites.net/edubase/downloads/public +PUBLISH_BASE_URL: https://qa.api.publish-teacher-training-courses.service.gov.uk +TEACHING_RECORD_BASE_URL: https://preprod.teacher-qualifications-api.education.gov.uk +TEACHING_RECORD_API_MINOR_VERSION: 20240416 + +# User authentication +SIGN_IN_METHOD: persona