Skip to content
Deploy on Openshift

Merge pull request #1025 from bcgov/bugfix-995 #2715

Sign in to view logs

Merge pull request #1025 from bcgov/bugfix-995

Merge pull request #1025 from bcgov/bugfix-995 #2715

Workflow file for this run

.github/workflows/deploy.yml at 0177ff3
# Static Deploy On Openshift
# Builds and Deploys merged PR's to persistent pods/services/routes/etc in the OpenShift Dev environment.
name: Deploy on Openshift
on:
push:
branches:
- dev
- test
- prod
- training
jobs:
#Print variables for logging and debugging purposes
checkEnv:
name: Check Env variables
runs-on: ubuntu-latest
steps:
- name: Print Env Vars
run: |
echo Git Base Ref: ${{ github.base_ref }}
echo Git Build ID: ${{ github.event.number }}
echo Git Pull Request Ref: ${{ github.event.pull_request.head.sha }}
echo OC CLI Version: $(oc version)
echo Git Branch name: ${{ github.ref_name }}
#Build the app
build:
name: Build APP
runs-on: ubuntu-latest
# if: ${{ github.event.pull_request.merged == true}}
if: github.ref_name == 'dev' || github.ref_name == 'test' || github.ref_name == 'prod' || github.ref_name == 'training'
env:
BUILD_ID: ${{ github.event.number }}
BUILD_NAMESPACE: 332842-tools
BRANCH: ${{ github.ref_name }}
BUILD_TAG: ${{ github.ref_name }}
APP: performance
steps:
# Checkout the PR branch
- name: Print env
run: |
echo BUILD ID: $BUILD_ID
echo BUILD NAMESPACE: $BUILD_NAMESPACE
echo BRANCH: $BRANCH
- name: Checkout Target Branch
uses: actions/checkout@v1
# Log in to OpenShift.
# Note: The secrets needed to log in are NOT available if the PR comes from a FORK.
# PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail.
- name: Log in to OpenShift
run: |
oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443
# Build the app images
- name: Build App images
working-directory: "./openshift/app"
run: |
test -n "${BRANCH}"
test -n "${BUILD_NAMESPACE}"
echo "BUILIDING ${APP} with tag: ${BUILD_TAG}"
oc -n ${BUILD_NAMESPACE} process -f docker-build.yml \
-p TAG=${BUILD_TAG} -p SOURCE_REPOSITORY_REF=${BRANCH} \
-p BASE_IMAGE_NAME="php" -p BASE_IMAGE_TAG="8.0-apache" \
-p BASE_IMAGE_REPO="aro.jfrog.io/performance-app/" \
-p GITHUB_AUTH_TOKEN=${{secrets.AUTH_TOKEN}} \
-p SOURCE_CONTEXT_DIR=. \
-p NAME=${APP} | oc -n ${BUILD_NAMESPACE} apply -f -
oc -n ${BUILD_NAMESPACE} start-build bc/${APP} --no-cache --wait
# Deploy App images in Dev
deployDev:
name: Deploy APP to Dev environment
runs-on: ubuntu-latest
if: github.ref_name == 'dev'
env:
BUILD_ID: ${{ github.event.number }}
NAMESPACE: 332842-dev
BUILD_NAMESPACE: 332842-tools
BRANCH: ${{ github.ref_name }}
APP: performance
APP_HOST: performance-332842-dev.apps.silver.devops.gov.bc.ca
DB_NAME: performance
needs:
- build
steps:
- name: Print env
run: |
echo BUILD ID: $BUILD_ID
echo BUILD NAMESPACE: $BUILD_NAMESPACE
echo BRANCH: $BRANCH
- name: Checkout Target Branch
uses: actions/checkout@v1
# Log in to OpenShift.
# Note: The secrets needed to log in are NOT available if the PR comes from a FORK.
# PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail.
- name: Log in to OpenShift
run: |
oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443
- name: Deploy APP
run: |
test -n "${NAMESPACE}"
test -n "${BUILD_NAMESPACE}"
test -n "${BRANCH}"
echo "Current namespace is ${NAMESPACE}"
#oc -n ${BUILD_NAMESPACE} policy add-role-to-group system:image-puller system:serviceaccounts:${NAMESPACE}
oc -n ${NAMESPACE} process -f openshift/app/performance-dc.yml \
-p APP_NAME=${APP} \
-p SITE_URL=${APP_HOST} \
-p CONFIG_MAP=config-env-perf \
-p DB_HOST=mysql-0.mysql \
-p PERFORMANCE_MEMORY_LIMIT=4Gi \
-p REPLICA_COUNT=1 \
-p PROJECT_NAMESPACE=332842-dev \
-p DB_SERVICE_NAME=mysql-0.mysql \
-p PERFORMANCE_VOLUME_CAPACITY=10Gi \
-p DB_NAME=performance-db \
-p DB_USER=root\
-p HTTP_PORT=8000 \
-p DB_PORT=3306 \
-p SITE_NAME=Performance \
-p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
-p GIT_PROJECT=performance \
-p BUILD_NAMESPACE="332842-tools" \
-p IMAGE_STREAM_TAG="performance:dev" \
-p GIT_URL="https://github.com/performance.git" \
-p GIT_TAG=openshift \
-p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" | \
oc -n ${NAMESPACE} apply -f -
oc rollout latest dc/${APP} -n ${NAMESPACE}
# Check deployment rollout status every 10 seconds (max 10 minutes) until complete.
ATTEMPTS=0
ROLLOUT_STATUS_CMD="oc rollout status dc/${APP} -n ${NAMESPACE}"
until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do
$ROLLOUT_STATUS_CMD
ATTEMPTS=$((attempts + 1))
sleep 10
done
oc project ${NAMESPACE}
echo "Listing pods.."
oc get pods|grep ${APP}
export ROUTE="$(oc get route ${APP} -o jsonpath='{.spec.host}')"
echo "${APP} is exposed at 'https://'${ROUTE}"
# Deploy App images in Test
deployTest:
name: Deploy APP to Test environment
runs-on: ubuntu-latest
if: github.ref_name == 'test'
env:
BUILD_ID: ${{ github.event.number }}
NAMESPACE: 332842-test
BUILD_NAMESPACE: 332842-tools
BRANCH: ${{ github.ref_name }}
APP: performance
APP_HOST: performance-332842-test.apps.silver.devops.gov.bc.ca
DB_NAME: performance
needs:
- build
steps:
- name: Print env
run: |
echo BUILD ID: $BUILD_ID
echo BUILD NAMESPACE: $BUILD_NAMESPACE
echo BRANCH: $BRANCH
- name: Checkout Target Branch
uses: actions/checkout@v1
# Log in to OpenShift.
# Note: The secrets needed to log in are NOT available if the PR comes from a FORK.
# PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail.
- name: Log in to OpenShift
run: |
oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443
- name: Deploy APP
run: |
test -n "${NAMESPACE}"
test -n "${BUILD_NAMESPACE}"
test -n "${BRANCH}"
echo "Current namespace is ${NAMESPACE}"
#oc -n ${BUILD_NAMESPACE} policy add-role-to-group system:image-puller system:serviceaccounts:${NAMESPACE}
oc -n ${NAMESPACE} process -f openshift/app/performance-dc.yml \
-p APP_NAME=${APP} \
-p SITE_URL=${APP_HOST} \
-p CONFIG_MAP=config-env-perf \
-p DB_HOST=mysql-0.mysql \
-p PERFORMANCE_MEMORY_LIMIT=4Gi \
-p REPLICA_COUNT=1 \
-p PROJECT_NAMESPACE=332842-test \
-p DB_SERVICE_NAME=mysql-0.mysql \
-p PERFORMANCE_VOLUME_CAPACITY=10Gi \
-p DB_NAME=performance-db \
-p DB_USER=root\
-p HTTP_PORT=8000 \
-p DB_PORT=3306 \
-p SITE_NAME=Performance \
-p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
-p GIT_PROJECT=performance \
-p BUILD_NAMESPACE="332842-tools" \
-p IMAGE_STREAM_TAG="performance:test" \
-p GIT_URL="https://github.com/performance.git" \
-p GIT_TAG=openshift \
-p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" | \
oc -n ${NAMESPACE} apply -f -
oc rollout latest dc/${APP} -n ${NAMESPACE}
# Check deployment rollout status every 10 seconds (max 10 minutes) until complete.
ATTEMPTS=0
ROLLOUT_STATUS_CMD="oc rollout status dc/${APP} -n ${NAMESPACE}"
until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do
$ROLLOUT_STATUS_CMD
ATTEMPTS=$((attempts + 1))
sleep 10
done
oc project ${NAMESPACE}
echo "Listing pods.."
oc get pods|grep ${APP}
export ROUTE="$(oc get route ${APP} -o jsonpath='{.spec.host}')"
echo "${APP} is exposed at 'https://'${ROUTE}"
# Deploy App images in Prod
deployProd:
name: Deploy APP to Prod environment
runs-on: ubuntu-latest
if: github.ref_name == 'prod'
env:
BUILD_ID: ${{ github.event.number }}
NAMESPACE: 332842-prod
BUILD_NAMESPACE: 332842-tools
BRANCH: ${{ github.ref_name }}
APP: performance
APP_HOST: performance.apps.silver.devops.gov.bc.ca
DB_NAME: performance
needs:
- build
steps:
- name: Print env
run: |
echo BUILD ID: $BUILD_ID
echo BUILD NAMESPACE: $BUILD_NAMESPACE
echo BRANCH: $BRANCH
- name: Checkout Target Branch
uses: actions/checkout@v1
# Log in to OpenShift.
# Note: The secrets needed to log in are NOT available if the PR comes from a FORK.
# PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail.
- name: Log in to OpenShift
run: |
oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443
- name: Deploy APP
run: |
test -n "${NAMESPACE}"
test -n "${BUILD_NAMESPACE}"
test -n "${BRANCH}"
echo "Current namespace is ${NAMESPACE}"
#oc -n ${BUILD_NAMESPACE} policy add-role-to-group system:image-puller system:serviceaccounts:${NAMESPACE}
oc -n ${NAMESPACE} process -f openshift/app/performance-dc.yml \
-p APP_NAME=${APP} \
-p SITE_URL=${APP_HOST} \
-p CONFIG_MAP=config-env-perf \
-p DB_HOST=mysql-0.mysql \
-p PERFORMANCE_MEMORY_LIMIT=4Gi \
-p REPLICA_COUNT=2 \
-p PROJECT_NAMESPACE=332842-prod \
-p DB_SERVICE_NAME=mysql-0.mysql \
-p PERFORMANCE_VOLUME_CAPACITY=10Gi \
-p DB_NAME=performance-db \
-p DB_USER=root\
-p HTTP_PORT=8000 \
-p DB_PORT=3306 \
-p SITE_NAME=Performance \
-p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
-p GIT_PROJECT=performance \
-p BUILD_NAMESPACE="332842-tools" \
-p IMAGE_STREAM_TAG="performance:prod" \
-p GIT_URL="https://github.com/performance.git" \
-p GIT_TAG=openshift \
-p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" | \
oc -n ${NAMESPACE} apply -f -
#oc rollout latest dc/${APP} -n ${NAMESPACE}
# Check deployment rollout status every 10 seconds (max 10 minutes) until complete.
ATTEMPTS=0
ROLLOUT_STATUS_CMD="oc rollout status dc/${APP} -n ${NAMESPACE}"
until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do
$ROLLOUT_STATUS_CMD
ATTEMPTS=$((attempts + 1))
sleep 10
done
oc project ${NAMESPACE}
echo "Listing pods.."
oc get pods|grep ${APP}
export ROUTE="$(oc get route ${APP} -o jsonpath='{.spec.host}')"
echo "${APP} is exposed at 'https://'${ROUTE}"
# Deploy App images in Training
deployTraining:
name: Deploy APP to Training environment
runs-on: ubuntu-latest
if: github.ref_name == 'training'
env:
BUILD_ID: ${{ github.event.number }}
NAMESPACE: 332842-test
BUILD_NAMESPACE: 332842-tools
BRANCH: ${{ github.ref_name }}
APP: performance-training
APP_HOST: performance-332842-training.apps.silver.devops.gov.bc.ca
DB_NAME: performance-training
needs:
- build
steps:
- name: Print env
run: |
echo BUILD ID: $BUILD_ID
echo BUILD NAMESPACE: $BUILD_NAMESPACE
echo BRANCH: $BRANCH
- name: Checkout Target Branch
uses: actions/checkout@v1
# Log in to OpenShift.
# Note: The secrets needed to log in are NOT available if the PR comes from a FORK.
# PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail.
- name: Log in to OpenShift
run: |
oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443
- name: Deploy APP
run: |
test -n "${NAMESPACE}"
test -n "${BUILD_NAMESPACE}"
test -n "${BRANCH}"
echo "Current namespace is ${NAMESPACE}"
#oc -n ${BUILD_NAMESPACE} policy add-role-to-group system:image-puller system:serviceaccounts:${NAMESPACE}
oc -n ${NAMESPACE} process -f openshift/app/performance-dc.yml \
-p APP_NAME=${APP} \
-p SITE_URL=${APP_HOST} \
-p CONFIG_MAP=config-env-perf-training \
-p DB_HOST=mysql-training-0.mysql-training-h \
-p PERFORMANCE_MEMORY_LIMIT=4Gi \
-p REPLICA_COUNT=1 \
-p PROJECT_NAMESPACE=332842-test \
-p DB_SERVICE_NAME=mysql-training-0.mysql-training-h \
-p PERFORMANCE_VOLUME_CAPACITY=4Gi \
-p DB_NAME=performance-db-training \
-p DB_USER=root\
-p HTTP_PORT=8000 \
-p DB_PORT=3306 \
-p SITE_NAME=Performance-Training \
-p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
-p GIT_PROJECT=performance-training \
-p BUILD_NAMESPACE="332842-tools" \
-p IMAGE_STREAM_TAG="performance:training" \
-p GIT_URL="https://github.com/performance.git" \
-p GIT_TAG=openshift \
-p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" | \
oc -n ${NAMESPACE} apply -f -
oc rollout latest dc/${APP} -n ${NAMESPACE}
# Check deployment rollout status every 10 seconds (max 10 minutes) until complete.
ATTEMPTS=0
ROLLOUT_STATUS_CMD="oc rollout status dc/${APP} -n ${NAMESPACE}"
until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do
$ROLLOUT_STATUS_CMD
ATTEMPTS=$((attempts + 1))
sleep 10
done
oc project ${NAMESPACE}
echo "Listing pods.."
oc get pods|grep ${APP}
export ROUTE="$(oc get route ${APP} -o jsonpath='{.spec.host}')"
echo "${APP} is exposed at 'https://'${ROUTE}"