Skip to content

Commit

Permalink
Adding certificate and url endpoints
Browse files Browse the repository at this point in the history
  • Loading branch information
@cditcher
cditcher committed Nov 28, 2024
1 parent 404ed07 commit bad8513
Show file tree
Hide file tree
Showing 4 changed files with 72 additions and 3 deletions.
1 change: 1 addition & 0 deletions .github/workflows/build-n-deploy-frontend-to-ocp-dev.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,7 @@ jobs:
oc process -f tools/openshift/frontend-dc.yaml -p REPO_NAME=educ-grad-admin \
-p HOST_ROUTE=educ-grad-admin-bbe4c3-dev.apps.silver.devops.gov.bc.ca -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p APP_NAME=educ-grad-admin -p TAG=latest -p MIN_REPLICAS=2 -p MAX_REPLICAS=3 -p MIN_CPU=50m -p MAX_CPU=100m \
-p BASE_URL=${{ env.TARGET_ENV }}.grad.gov.bc.ca -p ENVIRONMENT=${{ env.TARGET_ENV }} -p CERTIFICATE=${{ secrets.CERTIFICATE }} -p CA_CERT=${{ secrets.CA_CERT }} -p PRIVATE_KEY=${{ secrets.PRIVATE_KEY }} \
-p MIN_MEM=200Mi -p MAX_MEM=250Mi | oc apply -n bbe4c3-dev -f -
# Start rollout (if necessary) and follow it
Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/deploy-frontend-to-ocp-prod.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,8 +82,10 @@ jobs:
# Process and apply deployment template
oc process -f tools/openshift/frontend-dc.yaml -p REPO_NAME=educ-grad-admin \
-p HOST_ROUTE=grad.gov.bc.ca -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p APP_NAME=educ-grad-admin -p TAG=${{ steps.get-latest-tag.outputs.tag }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f -
-p HOST_ROUTE=educ-grad-admin-bbe4c3-prod.apps.silver.devops.gov.bc.ca -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p APP_NAME=educ-grad-admin -p TAG=${{ steps.get-latest-tag.outputs.tag }} \
-p BASE_URL=grad.gov.bc.ca -p ENVIRONMENT=${{ env.TARGET_ENV }} -p CERTIFICATE=${{ secrets.CERTIFICATE }} -p CA_CERT=${{ secrets.CA_CERT }} -p PRIVATE_KEY=${{ secrets.PRIVATE_KEY }} \
-p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -f -
# Start rollout (if necessary) and follow it
oc rollout latest dc/${{ env.IMAGE_NAME }}-dc 2> /dev/null \
Expand Down
4 changes: 3 additions & 1 deletion .github/workflows/deploy-frontend-to-ocp-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,9 @@ jobs:
# Process and apply deployment template
oc process -f tools/openshift/frontend-dc.yaml -p REPO_NAME=educ-grad-admin \
-p HOST_ROUTE=educ-grad-admin-bbe4c3-test.apps.silver.devops.gov.bc.ca -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-p APP_NAME=educ-grad-admin -p TAG=${{ steps.get-latest-tag.outputs.tag }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -n bbe4c3-test -f -
-p APP_NAME=educ-grad-admin -p TAG=${{ steps.get-latest-tag.outputs.tag }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
-p BASE_URL=${{ env.TARGET_ENV }}.grad.gov.bc.ca -p ENVIRONMENT=${{ env.TARGET_ENV }} -p CERTIFICATE=${{ secrets.CERTIFICATE }} -p CA_CERT=${{ secrets.CA_CERT }} -p PRIVATE_KEY=${{ secrets.PRIVATE_KEY }} \
-p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} | oc apply -n bbe4c3-test -f -
# Start rollout (if necessary) and follow it
oc rollout latest dc/${{ env.IMAGE_NAME }}-dc 2> /dev/null \
Expand Down
64 changes: 64 additions & 0 deletions tools/openshift/frontend-dc.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,55 @@ objects:
selector:
app: "${APP_NAME}"
deploymentconfig: "${APP_NAME}-frontend-dc"
# route for .grad.gov.bc.ca
- apiVersion: v1
kind: Route
metadata:
annotations:
openshift.io/host.generated: 'true'
labels:
app: "${APP_NAME}"
name: "${APP_NAME}-frontend-${ENVIRONMENT}"
spec:
host: "${BASE_URL}"
to:
kind: Service
name: "${APP_NAME}-frontend"
weight: 100
wildcardPolicy: None
port:
targetPort: 2015-tcp
tls:
caCertificate: "${CA_CERT}"
certificate: "${CERTIFICATE}"
insecureEdgeTerminationPolicy: Redirect
key: "${PRIVATE_KEY}"
termination: edge
# route for backend .grad.gov.bc.ca/api
- apiVersion: v1
kind: Route
metadata:
annotations:
openshift.io/host.generated: 'true'
labels:
app: "${APP_NAME}"
name: "${APP_NAME}-backend-${ENVIRONMENT}"
spec:
host: "${BASE_URL}"
path: "/api"
to:
kind: Service
name: "${APP_NAME}-backend"
weight: 100
wildcardPolicy: None
port:
targetPort: 8080-tcp
tls:
caCertificate: "${CA_CERT}"
certificate: "${CERTIFICATE}"
insecureEdgeTerminationPolicy: Redirect
key: "${PRIVATE_KEY}"
termination: edge
- apiVersion: v1
kind: Route
metadata:
Expand Down Expand Up @@ -179,3 +228,18 @@ parameters:
- name: MAX_MEM
description: The maximum amount of memory
required: true
- name: ENVIRONMENT
description: dev, test, prod
required: true
- name: CA_CERT
description: The CA Certificate
required: true
- name: CERTIFICATE
description: The Certificate
required: true
- name: PRIVATE_KEY
description: The private key
required: true
- name: BASE_URL
description: Base url. Example dev.grad.gov.bc.ca. Not prepended with https://
required: true

0 comments on commit bad8513

Please sign in to comment.