diff --git a/.github/workflows/actions/deploy/action.yaml b/.github/workflows/actions/deploy/action.yaml index 8f6a14f1..f659da80 100644 --- a/.github/workflows/actions/deploy/action.yaml +++ b/.github/workflows/actions/deploy/action.yaml @@ -84,14 +84,14 @@ runs: echo starting rollout in ${{ inputs.namespace }} oc -n ${{ inputs.namespace }} rollout status dc/${{ inputs.deployment_configuration }} --watch - # - name: Rocket.Chat Notification - # uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@1.1.1 - # if: always() - # with: - # type: ${{ job.status }} - # job_name: '*Deployment to ${{ inputs.environment }}*' - # mention: 'here' - # mention_if: 'failure' - # channel: '#ditp-gha-notifications' - # url: ${{ inputs.rocketchat_webhook }} - # commit: true \ No newline at end of file + - name: Rocket.Chat Notification + uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@1.1.1 + if: always() + with: + type: ${{ job.status }} + job_name: '*Deployment to ${{ inputs.environment }}*' + mention: 'here' + mention_if: 'failure' + channel: '#ditp-gha-notifications' + url: ${{ inputs.rocketchat_webhook }} + commit: true \ No newline at end of file diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 70060934..c268030b 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: tag: - description: 'Define the tag for thecode' + description: 'Define the tag for the code' required: false branch: description: 'Define branch name' @@ -54,8 +54,12 @@ jobs: - service: aries-endorser-api GIT_REPO_URL: hyperledger/aries-endorser-service DOCKER_FILE_PATH: Dockerfile.endorser # The docker path, file, is the relative path to the docker file from the root of the repo. - SOURCE_CONTEXT_DIR: endorser # The context dir, context, sets the context for the build. i.e. where the build will source files from - + SOURCE_CONTEXT_DIR: endorser # The context dir, context, sets the context for the build. i.e. where the build will source files from + BASE_SOURCE_IMAGE_REGISTRY: artifacts.developer.gov.bc.ca/docker-remote/ + BASE_SOURCE_IMAGE_NAME: python + BASE_SOURCE_IMAGE_TAG: 3.10-slim-buster + REGISTRY_USERNAME_SECRET_NAME: ARTIFACTORY_USERNAME + REGISTRY_PASSWORD_SECRET_NAME: ARTIFACTORY_PASSWORD outputs: aries-endorser-agent_digest: ${{ steps.digest.outputs.aries-endorser-agent_digest }} aries-endorser-backup_digest: ${{ steps.digest.outputs.aries-endorser-backup_digest }} @@ -68,25 +72,29 @@ jobs: uses: actions/checkout@v4 with: repository: ${{ matrix.GIT_REPO_URL }} - ref: ${{ github.event.tag }} + ref: ${{ github.event.tag }} if: ${{ github.event.tag != '' }} - name: Checkout uses: actions/checkout@v4 with: repository: ${{ matrix.GIT_REPO_URL }} - ref: ${{ github.event.branch }} + ref: ${{ github.event.branch }} if: ${{ github.event.tag == '' }} - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Pull base image for proxy and Create Docker file if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service) run: | + if [[ -n "${BASE_SOURCE_IMAGE_REGISTRY}" ]]; then + docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $BASE_SOURCE_IMAGE_REGISTRY + BASE_IMAGE="${BASE_SOURCE_IMAGE_REGISTRY}${BASE_SOURCE_IMAGE_NAME}:${BASE_SOURCE_IMAGE_TAG}" + else docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $SOURCE_IMAGE_REGISTRY BASE_IMAGE=${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG} + fi docker pull "${BASE_IMAGE}" mkdir ${context} && cd ${context} echo "FROM ${BASE_IMAGE}" > Dockerfile @@ -96,6 +104,9 @@ jobs: SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }} SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }} SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }} + BASE_SOURCE_IMAGE_REGISTRY: ${{ matrix.BASE_SOURCE_IMAGE_REGISTRY }} + BASE_SOURCE_IMAGE_NAME: ${{ matrix.BASE_SOURCE_IMAGE_NAME }} + BASE_SOURCE_IMAGE_TAG: ${{ matrix.BASE_SOURCE_IMAGE_TAG }} REGISTRY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} REGISTRY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} @@ -122,7 +133,25 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha,value=latest - + + - name: Update Docker base image and pull the base image if access is required + if: matrix.BASE_SOURCE_IMAGE_REGISTRY != '' && contains(fromJSON('["aries-endorser-db","aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) + run: | + if [[ -n "${REGISTRY_USERNAME}" ]]; then + docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $BASE_SOURCE_IMAGE_REGISTRY + fi + BASE_IMAGE="${BASE_SOURCE_IMAGE_REGISTRY}${BASE_SOURCE_IMAGE_NAME}:${BASE_SOURCE_IMAGE_TAG}" + sed -i -e "s;FROM .*;FROM ${BASE_IMAGE};g" "$file" + docker pull $BASE_IMAGE + env: + context: ${{ matrix.SOURCE_CONTEXT_DIR }} + BASE_SOURCE_IMAGE_REGISTRY: ${{ matrix.BASE_SOURCE_IMAGE_REGISTRY }} + BASE_SOURCE_IMAGE_NAME: ${{ matrix.BASE_SOURCE_IMAGE_NAME }} + BASE_SOURCE_IMAGE_TAG: ${{ matrix.BASE_SOURCE_IMAGE_TAG }} + file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }} + REGISTRY_USERNAME: ${{ secrets[matrix.REGISTRY_USERNAME_SECRET_NAME]}} + REGISTRY_PASSWORD: ${{ secrets[matrix.REGISTRY_PASSWORD_SECRET_NAME]}} + - name: Build and push Docker image id: docker_build if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) @@ -185,10 +214,7 @@ jobs: echo 'digest=${digest}' echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT cat $GITHUB_OUTPUT -<<<<<<< HEAD - -======= ->>>>>>> 75dd3452af8946bd6347ac3909ed344649da182c + deploy2dev: needs: build env: @@ -224,7 +250,7 @@ jobs: namespace: ${{ vars.NAMESPACE }} deployment_configuration: ${{ matrix.service }} openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} - # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} + rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} # docker pull ghcr.io/bcgov/dts-endorser-service@sha256:57f946ab1053726ac6fcb71c85a98d355e926904ebe26db4798353668b3f6c68