Moved artifactory secret creation to deploy-secrets.sh

Added APP_NAME to deploy-database.sh
bcgov · Oct 9, 2024 · db225d9 · db225d9
1 parent 8968184
commit db225d9
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 12 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -129,8 +129,13 @@ jobs:
  APP_NAME: ${{ inputs.APP_NAME }}
  OC_PROJECT: ${{ github.ref_name }}
  DB_DATABASE: ${{ inputs.DB_DATABASE }}
- DB_USER: ${{ inputs.DB_USER }}
+ DB_USER: ${{ secrets.DB_USER }}
  SECRET_DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+ SECRET_DOCKER_USERNAME: ${{ secrets.ARTIFACTORY_USER }}
+ SECRET_DOCKER_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+ SECRET_DOCKER_EMAIL: ${{ secrets.ARTIFACTORY_EMAIL }}
+ IMAGE_PULL_SECRET_NAME: ${{ inputs.IMAGE_PULL_SECRET_NAME }}
+ IMAGE_REPO_DOMAIN: ${{ inputs.IMAGE_REPO_DOMAIN }}
 
  # Deploy Network Ingress Policy
  - name: Deploy Network Ingress Policy
@@ -206,7 +211,7 @@ jobs:
  SITE_URL: ${{ inputs.SITE_URL }}
  DB_NAME: ${{ inputs.DB_NAME }}
  DB_DATABASE: ${{ inputs.DB_DATABASE }}
- DB_USER: ${{ inputs.DB_USER }}
+ DB_USER: ${{ secrets.DB_USER }}
  DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
  BUILD_NAMESPACE: ${{ inputs.BUILD_NAMESPACE }}
  DEPLOY_NAMESPACE: ${{ inputs.DEPLOY_NAMESPACE }}

diff --git a/openshift/scripts/deploy-database.sh b/openshift/scripts/deploy-database.sh
@@ -1,6 +1,7 @@
 #!/bin/bash
 
 # Set environment variables
+export APP_NAME="${APP_NAME}"
 export DB_BACKUP_DEPLOYMENT_NAME="${DB_BACKUP_DEPLOYMENT_NAME}"
 export DB_BACKUP_DEPLOYMENT_FULL_NAME="${DB_BACKUP_DEPLOYMENT_FULL_NAME}"
 export BACKUP_HELM_CHART="${BACKUP_HELM_CHART}"

diff --git a/openshift/scripts/deploy-secrets.sh b/openshift/scripts/deploy-secrets.sh
@@ -30,3 +30,13 @@ type: Opaque
 EOF
 
 oc create -f secrets.yml
+
+# Create docker registry secret, if it doesn't exist yet
+oc create secret docker-registry $IMAGE_PULL_SECRET_NAME \
+ --docker-server=$IMAGE_REPO_DOMAIN \
+ --docker-username=$SECRET_DOCKER_USERNAME \
+ --docker-password=$SECRET_DOCKER_PASSWORD \
+ --docker-email=$SECRET_DOCKER_EMAIL
+# Ensure secrets are linked for pulling from Artifactory
+oc secrets link default $IMAGE_PULL_SECRET_NAME --for=pull
+oc secrets link builder $IMAGE_PULL_SECRET_NAME --for=pull
diff --git a/openshift/scripts/deploy-template.sh b/openshift/scripts/deploy-template.sh
@@ -6,16 +6,6 @@ oc project $DEPLOY_NAMESPACE
 echo "Current namespace is $DEPLOY_NAMESPACE"
 echo "Deploying site: $SITE_URL"
 
-# Create secret, if it doesn't exist yet
-oc create secret docker-registry $IMAGE_PULL_SECRET_NAME \
- --docker-server=$IMAGE_REPO_DOMAIN \
- --docker-username=$SECRET_DOCKER_USERNAME \
- --docker-password=$SECRET_DOCKER_PASSWORD \
- --docker-email=$SECRET_DOCKER_EMAIL
-# Ensure secrets are linked for pulling from Artifactory
-oc secrets link default $IMAGE_PULL_SECRET_NAME --for=pull
-oc secrets link builder $IMAGE_PULL_SECRET_NAME --for=pull
-
 echo "Delete cron job if it exists..."
 # Check if cron exists
 if oc get deployment $CRON_NAME; then