diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index 5b4b7965..df2fb128 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -16,8 +16,21 @@ concurrency: cancel-in-progress: true jobs: + vars: + name: Set Variables + outputs: + tag: ${{ steps.tag.outputs.tag }} + runs-on: ubuntu-24.04 + timeout-minutes: 1 + steps: + # Get PR number for squash merges to main + - name: PR Number + id: pr + uses: bcgov-nr/action-get-pr@v0.0.1 + deploy-test: name: TEST Deploys + needs: [vars] environment: test env: ZONE: test @@ -62,24 +75,10 @@ jobs: overwrite: ${{ matrix.overwrite }} penetration_test: false parameters: - -p ZONE=${{ env.ZONE }} ${{ matrix.parameters }} + -p ZONE=${{ env.ZONE }} -p TAG=${{ needs.vars.outputs.pr }} + ${{ matrix.parameters }} post_rollout: ${{ matrix.post_rollout }} - prod-promotions: - name: Promote images to PROD - needs: [deploy-test] - runs-on: ubuntu-24.04 - strategy: - matrix: - component: [api, admin, db, public] - steps: - - uses: shrink/actions-docker-registry-tag@v4 - with: - registry: ghcr.io - repository: ${{ github.repository }}/${{ matrix.component }} - target: test - tags: prod - deploy-prod: name: PROD Deploys needs: [prod-promotions] @@ -127,5 +126,21 @@ jobs: overwrite: ${{ matrix.overwrite }} penetration_test: false parameters: - -p ZONE=${{ env.ZONE }} ${{ matrix.parameters }} + -p ZONE=${{ env.ZONE }} -p TAG=${{ needs.vars.outputs.pr }} + ${{ matrix.parameters }} post_rollout: ${{ matrix.post_rollout }} + + prod-promotions: + name: Promote images to PROD + needs: [deploy-prod, vars] + runs-on: ubuntu-24.04 + strategy: + matrix: + component: [api, admin, db, public] + steps: + - uses: shrink/actions-docker-registry-tag@v4 + with: + registry: ghcr.io + repository: ${{ github.repository }}/${{ matrix.component }} + target: ${{ needs.vars.outputs.pr }} + tags: prod diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 58dab56f..7c583f79 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -113,5 +113,6 @@ jobs: penetration_test: false parameters: -p URL=fom-${{ needs.init.outputs.route_number }}.apps.silver.devops.gov.bc.ca - -p ZONE=${{ github.event.number }} ${{ matrix.parameters }} + -p ZONE=${{ github.event.number }} -p TAG=${{ github.event.number }} + ${{ matrix.parameters }} triggers: ${{ matrix.triggers }} diff --git a/admin/openshift.deploy.yml b/admin/openshift.deploy.yml index 8a11cec1..a575d01c 100644 --- a/admin/openshift.deploy.yml +++ b/admin/openshift.deploy.yml @@ -19,6 +19,9 @@ parameters: - name: ZONE description: Deployment zone, e.g. pr-### or prod required: true + - name: TAG + description: Image tag; e.g. PR number, latest or prod + required: true - name: URL description: Deployment URL, e.g. fom-123.apps.silver.devops.gov.bc.ca or fom.nrs.gov.bc.ca required: true @@ -87,7 +90,7 @@ objects: deployment: ${NAME}-${ZONE}-${COMPONENT} spec: containers: - - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${ZONE} + - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${TAG} securityContext: capabilities: add: ["NET_BIND_SERVICE"] diff --git a/api/openshift.deploy.yml b/api/openshift.deploy.yml index 61d6dc7a..a819975a 100644 --- a/api/openshift.deploy.yml +++ b/api/openshift.deploy.yml @@ -19,6 +19,9 @@ parameters: - name: ZONE description: Deployment zone, e.g. pr-### or prod required: true + - name: TAG + description: Image tag; e.g. PR number, latest or prod + required: true - name: PORT value: "3333" - name: DB_TESTDATA @@ -134,7 +137,7 @@ objects: deployment: ${NAME}-${ZONE}-${COMPONENT} spec: containers: - - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${ZONE} + - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${TAG} imagePullPolicy: Always name: ${NAME} env: diff --git a/db/openshift.deploy.yml b/db/openshift.deploy.yml index 1c449f21..67ef64ea 100644 --- a/db/openshift.deploy.yml +++ b/db/openshift.deploy.yml @@ -19,6 +19,9 @@ parameters: - name: ZONE description: Deployment zone, e.g. pr-### or prod required: true + - name: TAG + description: Image tag; e.g. PR number, latest or prod + required: true - description: Volume space available for data, e.g. 512Mi, 2Gi. displayName: Database Volume Capacity name: DB_PVC_SIZE @@ -142,7 +145,7 @@ objects: claimName: ${NAME}-${ZONE}-${COMPONENT} containers: - name: ${NAME} - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${ZONE} + image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${TAG} ports: - containerPort: 5432 protocol: TCP @@ -428,4 +431,4 @@ objects: activeDeadlineSeconds: 1600 dnsPolicy: "ClusterFirst" serviceAccountName: "${JOB_SERVICE_ACCOUNT}" - serviceAccount: "${JOB_SERVICE_ACCOUNT}" \ No newline at end of file + serviceAccount: "${JOB_SERVICE_ACCOUNT}" diff --git a/public/openshift.deploy.yml b/public/openshift.deploy.yml index fd1d31dd..7a030ad0 100644 --- a/public/openshift.deploy.yml +++ b/public/openshift.deploy.yml @@ -19,6 +19,9 @@ parameters: - name: ZONE description: Deployment zone, e.g. pr-### or prod required: true + - name: TAG + description: Image tag; e.g. PR number, latest or prod + required: true - name: URL description: Deployment URL, e.g. fom-123.apps.silver.devops.gov.bc.ca or fom.nrs.gov.bc.ca required: true @@ -84,7 +87,7 @@ objects: deployment: ${NAME}-${ZONE}-${COMPONENT} spec: containers: - - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${ZONE} + - image: ${REGISTRY}/${ORG}/nr-fom/${COMPONENT}:${TAG} securityContext: capabilities: add: ["NET_BIND_SERVICE"]