Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: iac implementation #110

Merged
merged 1 commit into from
May 21, 2024
+148 −28
Merged

fix: iac implementation #110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 48 additions & 7 deletions .github/workflows/deploy-to-openshift-dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,23 +148,64 @@ jobs:
oc project ${{ env.OPENSHIFT_NAMESPACE }}
# Cancel any rollouts in progress
oc rollout cancel dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
|| true && echo "No rollout in progress"
|| true && echo "No rollout in progress"
# Create the image stream if it doesn't exist
oc create imagestream ${{ env.IMAGE_NAME }} 2> /dev/null || true && echo "D365 API image stream in place"
oc tag ${{ steps.push-image-backend.outputs.registry-path }} ${{ env.IMAGE_NAME }}:${{ env.TAG }}
# Process and apply deployment template
oc process -f tools/openshift/d365api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} -p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
oc process \
-f tools/openshift/d365api.dc.yaml \
-p APP_NAME=${{ env.APP_NAME }} \
-p REPO_NAME=${{ env.REPO_NAME }} \
-p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p TAG=${{ env.TAG }} \
-p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
-p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} \
-p MAX_CPU=${{ env.MAX_CPU }} \
-p MIN_MEM=${{ env.MIN_MEM }} \
-p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} \
-p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
# Process update-configmap
cat << JSON > /tmp/key_scheme
${{ secrets.D365_API_KEY_SCHEME }}
JSON
cat << JSON > /tmp/api_auth_settings
${{ secrets.D365_API_AUTH_SETTINGS }}
JSON
cat << JSON > /tmp/recipients
${{ secrets.D365_RECIPIENTS }}
JSON
cat << JSON > /tmp/bc_registry_api
${{ secrets.D365_BC_REGISTRY_API }}
JSON
curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \
| bash /dev/stdin \
dev \
${{ env.APP_NAME }} \
${{ env.OPENSHIFT_NAMESPACE }} \
/tmp/key_scheme \
/tmp/api_auth_settings \
${{ secrets.D365_DEFAULT_SENDER_ID }} \
${{ secrets.D365_DEFAULT_CONTACT_ID }} \
/tmp/recipients \
/tmp/bc_registry_api \
${{ secrets.D365_BCCAS_API_URL }}
# Start rollout (if necessary) and follow it
oc rollout latest dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
|| true && echo "Rollout in progress"
|| true && echo "Rollout in progress"
# Get status, returns 0 if rollout is successful
oc rollout status dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }}
Expand Down
54 changes: 46 additions & 8 deletions .github/workflows/deploy-to-openshift-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,24 +112,62 @@ jobs:
oc project ${{ env.OPENSHIFT_NAMESPACE }}
# Cancel any rollouts in progress
oc rollout cancel dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }} 2> /dev/null \
|| true && echo "No rollout in progress"
|| true && echo "No rollout in progress"
# Create tag for TEST env from DEV env image
# oc tag ${{ env.NAMESPACE }}-dev/${{ env.REPO_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.BRANCH }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-test/${{ env.REPO_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.BRANCH }}:${{ steps.get-latest-tag.outputs.tag }}
# Process and apply deployment template
oc process -f tools/openshift/d365api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p TAG=${{ steps.get-latest-tag.outputs.tag }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} -p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
oc process \
-f tools/openshift/d365api.dc.yaml \
-p APP_NAME=${{ env.APP_NAME }} \
-p REPO_NAME=${{ env.REPO_NAME }} \
-p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p TAG=${{ steps.get-latest-tag.outputs.tag }} \
-p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
-p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} \
-p MAX_CPU=${{ env.MAX_CPU }} \
-p MIN_MEM=${{ env.MIN_MEM }} \
-p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} \
-p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
# Process update-configmap
# curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh | bash /dev/stdin test ${{ env.APP_NAME }} ${{ env.NAMESPACE }} ${{ env.SPLUNK_TOKEN }}
cat << JSON > /tmp/key_scheme
${{ secrets.D365_API_KEY_SCHEME }}
JSON
cat << JSON > /tmp/api_auth_settings
${{ secrets.D365_API_AUTH_SETTINGS }}
JSON
cat << JSON > /tmp/recipients
${{ secrets.D365_RECIPIENTS }}
JSON
cat << JSON > /tmp/bc_registry_api
${{ secrets.D365_BC_REGISTRY_API }}
JSON
curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \
| bash /dev/stdin \
test \
${{ env.APP_NAME }} \
${{ env.OPENSHIFT_NAMESPACE }} \
/tmp/key_scheme \
/tmp/api_auth_settings \
${{ secrets.D365_DEFAULT_SENDER_ID }} \
${{ secrets.D365_DEFAULT_CONTACT_ID }} \
/tmp/recipients \
/tmp/bc_registry_api \
${{ secrets.D365_BCCAS_API_URL }}
# Start rollout (if necessary) and follow it
oc rollout latest dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
|| true && echo "Rollout in progress"
|| true && echo "Rollout in progress"
# Get status, returns 0 if rollout is successful
oc rollout status dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }}
52 changes: 45 additions & 7 deletions .github/workflows/deploy-to-openshift-uat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,18 +122,56 @@ jobs:
oc tag ${{ env.NAMESPACE }}-dev/${{ env.IMAGE_NAME }}:${{ steps.get-latest-tag.outputs.tag }} ${{ env.NAMESPACE }}-test/${{ env.IMAGE_NAME }}:${{ steps.get-latest-tag.outputs.tag }}
# Process and apply deployment template
oc process -f tools/openshift/d365api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} -p TAG=${{ steps.get-latest-tag.outputs.tag }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} -p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
oc process \
-f tools/openshift/d365api.dc.yaml \
-p APP_NAME=${{ env.APP_NAME }} \
-p REPO_NAME=${{ env.REPO_NAME }} \
-p BRANCH=${{ env.BRANCH }} \
-p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p TAG=${{ steps.get-latest-tag.outputs.tag }} \
-p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
-p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-p MIN_CPU=${{ env.MIN_CPU }} \
-p MAX_CPU=${{ env.MAX_CPU }} \
-p MIN_MEM=${{ env.MIN_MEM }} \
-p MAX_MEM=${{ env.MAX_MEM }} \
-p ENVIRONMENT=${{ env.APP_ENVIRONMENT }} \
-p HAPROXY_IP_WHITELIST=${{ env.HAPROXY_IP_WHITELIST }} \
| oc apply -f -
# Process update-configmap
# curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh | bash /dev/stdin test ${{ env.APP_NAME }} ${{ env.NAMESPACE }} ${{ env.SPLUNK_TOKEN }}
cat << JSON > /tmp/key_scheme
${{ secrets.D365_API_KEY_SCHEME }}
JSON
cat << JSON > /tmp/api_auth_settings
${{ secrets.D365_API_AUTH_SETTINGS }}
JSON
cat << JSON > /tmp/recipients
${{ secrets.D365_RECIPIENTS }}
JSON
cat << JSON > /tmp/bc_registry_api
${{ secrets.D365_BC_REGISTRY_API }}
JSON
curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \
| bash /dev/stdin \
uat \
${{ env.APP_NAME }} \
${{ env.OPENSHIFT_NAMESPACE }} \
/tmp/key_scheme \
/tmp/api_auth_settings \
${{ secrets.D365_DEFAULT_SENDER_ID }} \
${{ secrets.D365_DEFAULT_CONTACT_ID }} \
/tmp/recipients \
/tmp/bc_registry_api \
${{ secrets.D365_BCCAS_API_URL }}
# Start rollout (if necessary) and follow it
oc rollout latest dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
|| true && echo "Rollout in progress"
|| true && echo "Rollout in progress"
# Get status, returns 0 if rollout is successful
oc rollout status dc/${{ env.APP_NAME }}-${{ env.APP_NAME_BACKEND }}-${{ env.APP_ENVIRONMENT }}
15 changes: 9 additions & 6 deletions tools/config/update-configmap.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ if [ "$ENV_VAL" != "prod" ]; then
fi
readonly D365_EMAIL_SAFE_LIST_ENABLE

D365_CONFIGURATION=$(cat << JSON
D365_CONFIGURATION=$(jq << JSON
{
"Logging": $D365_LOG_LEVEL,
"AllowedHosts": "*",
Expand All @@ -64,10 +64,10 @@ D365_CONFIGURATION=$(cat << JSON
},
"AuthenticationSettings": {
"Schemes": {
"ApiKeyScheme": $D365_API_KEY_SCHEME
"ApiKeyScheme": $(cat "$D365_API_KEY_SCHEME")
}
},
"D365AuthSettings": $D365_API_AUTH_SETTINGS,
"D365AuthSettings": $(cat "$D365_API_AUTH_SETTINGS"),
"DocumentSettings": {
"MaxFileSize": 3999999,
"AcceptedFommat": [
Expand Down Expand Up @@ -133,7 +133,7 @@ D365_CONFIGURATION=$(cat << JSON
"EmailSafeList": {
"Enable": $D365_EMAIL_SAFE_LIST_ENABLE,
"DefaultContactId": "$D365_DEFAULT_CONTACT_ID",
"Recipients": $D365_RECIPIENTS
"Recipients": $(cat "$D365_RECIPIENTS")
},
"fundingUrl": "$SERVER_FRONTEND/funding",
"fundingTabUrl": "$SERVER_FRONTEND/funding/overview"
Expand Down Expand Up @@ -161,7 +161,7 @@ D365_CONFIGURATION=$(cat << JSON
}
},
"ExternalServices": {
"BCRegistryApi": $D365_BC_REGISTRY_API,
"BCRegistryApi": $(cat "$D365_BC_REGISTRY_API"),
"BCCASApi": {
"Enable": true,
"Url": "$D365_BCCAS_API_URL",
Expand Down Expand Up @@ -200,11 +200,14 @@ D365_CONFIGURATION=$(cat << JSON
JSON
)
readonly D365_CONFIGURATION
echo "$D365_CONFIGURATION" > /tmp/appsettings.json

echo
echo Creating D365 config map "$APP_NAME-d365api-$ENV_VAL-config-map"
oc create -n "$OPENSHIFT_NAMESPACE" configmap \
--from-literal="appsettings.json=$D365_CONFIGURATION"
"$APP_NAME-d365api-$ENV_VAL-config-map" \
--from-file="appsettings.json=/tmp/appsettings.json" \
--dry-run -o yaml | oc apply -f -

echo
echo Setting environment variables for "$APP_NAME-d365api-$ENV_VAL" application
Expand Down
Loading