diff --git a/.github/workflows/actions/deploy/action.yaml b/.github/workflows/actions/deploy/action.yaml index 44b922a0..f659da80 100644 --- a/.github/workflows/actions/deploy/action.yaml +++ b/.github/workflows/actions/deploy/action.yaml @@ -69,7 +69,7 @@ runs: run: | docker pull ${{ inputs.github_image_name }}@${{ inputs.image_digest }} docker tag ${{ inputs.github_image_name }}@${{ inputs.image_digest }} ${{ inputs.github_image_name }}:${{ inputs.environment }} - docker push ${{ inputs.github_image_name }}${{ inputs.matrix_service }}:${{ inputs.environment }} + docker push ${{ inputs.github_image_name }}:${{ inputs.environment }} - name: Tag the image in the OpenShift container registry as ${{ inputs.environment }} shell: bash diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index e36ad53f..81945ef5 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -13,8 +13,8 @@ concurrency: env: GITHUB_IMAGE_REPO: ghcr.io/bcgov/dts-endorser-service/ OPENSHIFT_IMAGE_REPO: image-registry.apps.silver.devops.gov.bc.ca/4a9599-tools/ - APP_NAMES: aries-endorser-agent,aries-endorser-db,aries-endorser-backup,aries-endorser-proxy,aries-endorser-api - TAGS: v1 ${{ github.sha }} + APP_NAMES: aries-endorser-agent,aries-endorser-db,aries-endorser-backup,aries-endorser-proxy,aries-endorser-api + jobs: build: if: (github.repository == 'bcgov/dts-endorser-service') || (github.event_name == 'workflow_dispatch') @@ -26,11 +26,11 @@ jobs: matrix: include: - service: aries-endorser-agent - GIT_REPO_URL: bcgov/aries-endorser-service + GIT_REPO_URL: hyperledger/aries-endorser-service DOCKER_FILE_PATH: Dockerfile.acapy # The docker path, file, is the relative path to the docker file from the root of the repo. SOURCE_CONTEXT_DIR: docker/acapy # The context dir, context, sets the context for the build. i.e. where the build will source files from - service: aries-endorser-db - GIT_REPO_URL: bcgov/aries-endorser-service + GIT_REPO_URL: hyperledger/aries-endorser-service PATH: docker/wallet/config BUILDER_IMAGE: 'quay.io/fedora/postgresql-13:13' - service: aries-endorser-backup @@ -41,7 +41,7 @@ jobs: DOCKER_FILE_PATH: Dockerfile # The docker path, file, is the relative path to the docker file from the root of the repo. SOURCE_CONTEXT_DIR: proxy # The context dir, context, sets the context for the build. i.e. where the build will source files from - service: aries-endorser-api - GIT_REPO_URL: bcgov/aries-endorser-service + GIT_REPO_URL: hyperledger/aries-endorser-service DOCKER_FILE_PATH: Dockerfile.endorser # The docker path, file, is the relative path to the docker file from the root of the repo. SOURCE_CONTEXT_DIR: endorser # The context dir, context, sets the context for the build. i.e. where the build will source files from @@ -51,19 +51,18 @@ jobs: aries-endorser-api_digest: ${{ steps.digest.outputs.aries-endorser-api_digest }} aries-endorser-proxy_digest: ${{ steps.digest.outputs.aries-endorser-proxy_digest }} aries-endorser-db_digest: ${{ steps.digests.outputs.aries-endorser-db_digest }} - image_digest: ${{ steps.docker_build.outputs.digest }} + steps: - name: Checkout uses: actions/checkout@v4 with: repository: ${{ matrix.GIT_REPO_URL }} - env: - service: ${{ matrix.service }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Pull base image for proxy and Create Docker file + - name: Pull base image for proxy and Create Docker file + if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service) run: | docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $SOURCE_IMAGE_REGISTRY BASE_IMAGE=${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG} @@ -71,14 +70,13 @@ jobs: mkdir ${context} && cd ${context} echo "FROM ${BASE_IMAGE}" > Dockerfile echo "RUN chown 1001:root /usr/bin/caddy" >> Dockerfile - if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service) env: context: ${{ matrix.SOURCE_CONTEXT_DIR }} SOURCE_IMAGE_REGISTRY: "artifacts.developer.gov.bc.ca/docker-remote/" SOURCE_IMAGE_NAME: caddy SOURCE_IMAGE_TAG: latest - REGISTRY_USERNAME: ${{ secrets.USERNAME }} - REGISTRY_PASSWORD: ${{ secrets.PASSWORD }} + REGISTRY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} + REGISTRY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - name: Log in to the GHCR uses: docker/login-action@v3 @@ -102,9 +100,7 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha,value=latest - if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) - env: - service: ${{ matrix.service }} + if: contains(fromJSON('["aries-endorser-db",aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy,"]'), matrix.service) - name: Build and push Docker image id: docker_build @@ -119,15 +115,12 @@ jobs: cache-to: type=gha,mode=max if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) - - name: Pull base image - id: pull_build_image + - name: Pull database image run: | - docker pull ${builder_image} - env: - builder_image: ${{ matrix.BUILDER_IMAGE }} + docker pull ${{ matrix.BUILDER_IMAGE }} if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) - - name: Setup and Build + - name: Build database image id: build_image uses: redhat-actions/s2i-build@v2 with: @@ -135,10 +128,10 @@ jobs: # Builder image for a java project builder_image: ${{ matrix.BUILDER_IMAGE }} image: dts-endorser-service/${{ matrix.service }} - tags: ${{ env.TAGS }} + tags: ${{ steps.meta.outputs.tags }} if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) - - name: Push image + - name: Push database image id: push uses: redhat-actions/push-to-registry@v2 with: @@ -149,68 +142,61 @@ jobs: registry: ghcr.io/bcgov if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) - - name: Print image url + - name: Display ${{ matrix.service }} image results id: digests run: | echo "registry_path=${{ steps.push.outputs.registry-paths }}" - echo "digest=${{ steps.push.outputs.digest }}" digest=${{ steps.push.outputs.digest }} - echo "${service}_digest=${digest}" >> $GITHUB_OUTPUT + echo 'digest=${digest}' + echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) - env: - service: ${{ matrix.service}} - - name: Display image results + - name: Display ${{ matrix.service}} image results id: digest run: | echo 'imageid=${{ steps.docker_build.outputs.imageid }}' - echo 'digest=${{ steps.docker_build.outputs.digest }}' digest=${{ steps.docker_build.outputs.digest }} - echo "${service}_digest=${digest}" >> $GITHUB_OUTPUT + echo 'digest=${digest}' + echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT cat $GITHUB_OUTPUT if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) - env: - service: ${{ matrix.service}} - deploy2dev: - needs: build - env: - ENVIRONMENT: dev - aries-endorser-agent_digest: ${{ needs.build.outputs.aries-endorser-agent_digest }} - aries-endorser-db_digest: ${{ needs.build.outputs.aries-endorser-db_digest }} - aries-endorser-api_digest: ${{ needs.build.outputs.aries-endorser-api_digest }} - aries-endorser-proxy_digest: ${{ needs.build.outputs.aries-endorser-proxy_digest }} - aries-endorser-backup_digest: ${{ needs.build.outputs.aries-endorser-backup_digest }} - permissions: - packages: write - runs-on: ubuntu-latest - environment: dev - strategy: - matrix: - include: - - service: aries-endorser-agent - - service: aries-endorser-db - - service: aries-endorser-backup - - service: aries-endorser-proxy - - service: aries-endorser-api + # deploy2dev: + # needs: build + # env: + # ENVIRONMENT: dev + # permissions: + # packages: write + # runs-on: ubuntu-latest + # environment: dev + # strategy: + # # Serialize the deployments + # max-parallel: 1 + # matrix: + # include: + # - service: aries-endorser-db + # - service: aries-endorser-agent + # - service: aries-endorser-backup + # - service: aries-endorser-proxy + # - service: aries-endorser-api - steps: - - name: Checkout - uses: actions/checkout@v4 + # steps: + # - name: Checkout + # uses: actions/checkout@v4 - - name: Deploy to ${{ env.ENVIRONMENT }} - uses: ./.github/workflows/actions/deploy - with: - environment: ${{ env.ENVIRONMENT }} - ghcr_token: ${{ secrets.GITHUB_TOKEN }} - github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} - image_digest: ${{ needs.build.outputs[format ('{0}_digest', matrix.service)] }} - openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ matrix.service }} - openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} - namespace: ${{ vars.NAMESPACE }} - deployment_configuration: ${{ matrix.service }} - openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} - rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} + # - name: Deploy to ${{ env.ENVIRONMENT }} + # uses: ./.github/workflows/actions/deploy + # with: + # environment: ${{ env.ENVIRONMENT }} + # ghcr_token: ${{ secrets.GITHUB_TOKEN }} + # github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} + # image_digest: ${{ needs.build.outputs[format ('{0}_digest', matrix.service)] }} + # openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ matrix.service }} + # openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} + # namespace: ${{ vars.NAMESPACE }} + # deployment_configuration: ${{ matrix.service }} + # openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} + # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} # docker pull ghcr.io/bcgov/dts-endorser-service@sha256:57f946ab1053726ac6fcb71c85a98d355e926904ebe26db4798353668b3f6c68