diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 3e58d70a..b307ef2e 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -38,18 +38,18 @@ jobs: - service: aries-endorser-db GIT_REPO_URL: hyperledger/aries-endorser-service GIT_REF: "" - PATH: docker/wallet/config + SOURCE_CONTEXT_DIR: docker/wallet/config SOURCE_IMAGE_REGISTRY: "quay.io/" SOURCE_IMAGE_NAME: "fedora/postgresql-13" SOURCE_IMAGE_TAG: "13" - service: aries-endorser-backup GIT_REPO_URL: BCDevOps/backup-container - GIT_REF: "" + GIT_REF: 2.5.1 DOCKER_FILE_PATH: Dockerfile # The docker path, file, is the relative path to the docker file from the root of the repo. SOURCE_CONTEXT_DIR: docker # The context dir, context, sets the context for the build. i.e. where the build will source files from - SOURCE_IMAGE_REGISTRY: "" - SOURCE_IMAGE_NAME: "" - SOURCE_IMAGE_TAG: "" + SOURCE_IMAGE_REGISTRY: artifacts.developer.gov.bc.ca/docker-remote/ + SOURCE_IMAGE_NAME: centos/postgresql-13-centos7 + SOURCE_IMAGE_TAG: 20210722-70dc4d3 REGISTRY_USERNAME_SECRET_NAME: ARTIFACTORY_USERNAME REGISTRY_PASSWORD_SECRET_NAME: ARTIFACTORY_PASSWORD - service: aries-endorser-proxy @@ -84,8 +84,6 @@ jobs: with: repository: ${{ matrix.GIT_REPO_URL }} ref: ${{ matrix.GIT_REF }} -# ref: github.ref - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -98,23 +96,23 @@ jobs: username: ${{ secrets[matrix.REGISTRY_USERNAME_SECRET_NAME]}} password: ${{ secrets[matrix.REGISTRY_PASSWORD_SECRET_NAME]}} - - name: Create Docker file + - name: Create Dockerfile for ${{ matrix.service }} if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service) run: | - BASE_IMAGE="${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG}" + BASE_IMAGE="${{ matrix.SOURCE_IMAGE_REGISTRY }}${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }}" echo "$BASE_IMAGE" - mkdir ${context} && cd ${context} + mkdir ${{ matrix.SOURCE_CONTEXT_DIR }} && cd ${{ matrix.SOURCE_CONTEXT_DIR }} echo "FROM ${BASE_IMAGE}" > Dockerfile echo "RUN chown 1001:root /usr/bin/caddy" >> Dockerfile - env: - context: ${{ matrix.SOURCE_CONTEXT_DIR }} - SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }} - SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }} - SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }} + # env: + # context: ${{ matrix.SOURCE_CONTEXT_DIR }} + # SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }} + # SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }} + # SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }} - name: Prepare docker tags for image id: meta - if: contains(fromJSON('["aries-endorser-db","aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) + # if: contains(fromJSON('["aries-endorser-db","aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) uses: docker/metadata-action@v5 with: images: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} @@ -129,30 +127,30 @@ jobs: type=semver,pattern={{major}} type=sha,value=latest labels: | - io.openshift.build.source-location=${{ github.repositoryUrl }} - io.openshift.build.commit.id=${{ github.sha }} + ca.bc.gov.digitaltrust.build.source-location=${{ github.repositoryUrl }} + ca.bc.gov.digitaltrust.build.commit.id=${{ github.sha }} - name: Update Docker base image if: matrix.SOURCE_IMAGE_REGISTRY != '' && contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) run: | - BASE_IMAGE="${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG}" - sed -i -e "s;FROM .*;FROM ${BASE_IMAGE};g" "$file" - env: - context: ${{ matrix.SOURCE_CONTEXT_DIR }} - SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }} - SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }} - SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }} - file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }} + BASE_IMAGE="${{ matrix.SOURCE_IMAGE_REGISTRY }}$${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }}" + sed -i -e "s;FROM .*;FROM ${BASE_IMAGE};g" "${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }}" + # env: + # context: ${{ matrix.SOURCE_CONTEXT_DIR }} + # SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }} + # SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }} + # SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }} + # file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }} - name: Extract Tags id: extract if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) run: echo "tags=$(echo '${{ steps.meta.outputs.tags }}' | grep -oE ':([^[:space:]]+)' | sed '/workflow/d' | sed 's/://g' | tr '\n' ' ')" >> $GITHUB_OUTPUT - - name: Pull database image - if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) - run: | - docker pull ${{ matrix.SOURCE_IMAGE_REGISTRY }}${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }} + # - name: Pull database image + # if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) + # run: | + # docker pull ${{ matrix.SOURCE_IMAGE_REGISTRY }}${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }} - name: Build database image id: build_image @@ -160,10 +158,12 @@ jobs: uses: redhat-actions/s2i-build@v2 with: path_context: ${{ matrix.PATH }} - # Builder image for a java projectE_IMAG - builder_image: ${{ matrix.SOURCE_IMAGE_REGISTRY }}${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }} + builder_image: "${{ matrix.SOURCE_IMAGE_REGISTRY }}${{ matrix.SOURCE_IMAGE_NAME }}:${{ matrix.SOURCE_IMAGE_TAG }}" image: ${{ matrix.service }} tags: ${{ steps.extract.outputs.tags }} + labels: | + ca.bc.gov.digitaltrust.build.source-location=${{ github.repositoryUrl }} + ca.bc.gov.digitaltrust.build.commit.id=${{ github.sha }} - name: Push database image id: push @@ -176,12 +176,12 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.GITHUB_IMAGE_REPO }} - - name: Log in to the GHCR - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + # - name: Log in to the GHCR + # uses: docker/login-action@v3 + # with: + # registry: ghcr.io + # username: ${{ github.actor }} + # password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image id: docker_build @@ -193,6 +193,9 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} outputs: type=image,name=target + labels: | + ca.bc.gov.digitaltrust.build.source-location=${{ github.repositoryUrl }} + ca.bc.gov.digitaltrust.build.commit.id=${{ github.sha }} - name: Display ${{ matrix.service }} image results id: digests @@ -213,41 +216,41 @@ jobs: echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT cat $GITHUB_OUTPUT - deploy2dev: - needs: build - env: - ENVIRONMENT: dev - permissions: - packages: write - runs-on: ubuntu-latest - environment: dev - strategy: - # Serialize the deployments - max-parallel: 1 - matrix: - include: - - service: aries-endorser-db - - service: aries-endorser-agent - - service: aries-endorser-backup - - service: aries-endorser-proxy - - service: aries-endorser-api + # deploy2dev: + # needs: build + # env: + # ENVIRONMENT: dev + # permissions: + # packages: write + # runs-on: ubuntu-latest + # environment: dev + # strategy: + # # Serialize the deployments + # max-parallel: 1 + # matrix: + # include: + # - service: aries-endorser-db + # - service: aries-endorser-agent + # - service: aries-endorser-backup + # - service: aries-endorser-proxy + # - service: aries-endorser-api - steps: - - name: Checkout - uses: actions/checkout@v4 + # steps: + # - name: Checkout + # uses: actions/checkout@v4 - - name: Deploy to ${{ env.ENVIRONMENT }} - uses: ./.github/workflows/actions/deploy - with: - environment: ${{ env.ENVIRONMENT }} - ghcr_token: ${{ secrets.GITHUB_TOKEN }} - github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} - image_digest: ${{ needs.build.outputs[format ('{0}_digest', matrix.service)] }} - openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ matrix.service }} - openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} - namespace: ${{ vars.NAMESPACE }} - deployment_configuration: ${{ matrix.service }} - openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + # - name: Deploy to ${{ env.ENVIRONMENT }} + # uses: ./.github/workflows/actions/deploy + # with: + # environment: ${{ env.ENVIRONMENT }} + # ghcr_token: ${{ secrets.GITHUB_TOKEN }} + # github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} + # image_digest: ${{ needs.build.outputs[format ('{0}_digest', matrix.service)] }} + # openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ matrix.service }} + # openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} + # namespace: ${{ vars.NAMESPACE }} + # deployment_configuration: ${{ matrix.service }} + # openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} # # deploy2test: @@ -302,6 +305,4 @@ jobs: # # namespace: ${{ vars.NAMESPACE }} # # deployment_configuration: ${{ env.APP_NAME }} # # openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} - # # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} - - # # aries-endorser-db, aries-endorser-backup, aries-endorser-proxy, aries-endorser-api \ No newline at end of file + # # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }}`` \ No newline at end of file