Skip to content

feat(be:FSADT1-1575): Create read-only Client Summary (BE) (#1331) #381

feat(be:FSADT1-1575): Create read-only Client Summary (BE) (#1331)

feat(be:FSADT1-1575): Create read-only Client Summary (BE) (#1331) #381

Workflow file for this run

name: Merge
on:
push:
branches: [main]
paths-ignore:
- ".github/ISSUE_TEMPLATE/*"
- "**.md"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
vars:
name: Set Variables
outputs:
pr: ${{ steps.pr.outputs.pr }}
runs-on: ubuntu-24.04
timeout-minutes: 1
steps:
# Get PR number for squash merges to main
- name: PR Number
id: pr
uses: bcgov-nr/[email protected]
test-init:
name: TEST Init
env:
ZONE: test
URL: forestclient-tst.nrs.gov.bc.ca
environment: test
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: common/openshift.init.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p ORACLEDB_USER=${{ secrets.ORACLEDB_USERNAME }}
-p ORACLEDB_PASSWORD=${{ secrets.ORACLEDB_PASSWORD }}
-p ORACLEDB_USER_W=${{ secrets.ORACLEDB_USERNAME_W }}
-p ORACLEDB_PASSWORD_W=${{ secrets.ORACLEDB_PASSWORD_W }}
-p ORACLEDB_DATABASE=${{ secrets.ORACLEDB_DATABASE }}
-p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }}
-p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }}
-p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }}
-p BCREGISTRY_KEY='${{ secrets.BCREGISTRY_KEY }}'
-p BCREGISTRY_ACCOUNT='${{ secrets.BCREGISTRY_ACCOUNT }}'
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p ADDRESS_COMPLETE_KEY=${{ secrets.ADDRESS_COMPLETE_KEY }}
-p DB_PASSWORD=${{ secrets.DB_PASSWORD }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_ENVIRONMENT=TEST
-p CHES_MAIL_COPY=${{ secrets.CHES_MAIL_COPY }}
test-deploy:
name: TEST Deployment
needs: [test-init, vars]
env:
TAG: ${{ needs.vars.outputs.pr }}
URL: forestclient-tst.nrs.gov.bc.ca
ZONE: test
environment: test
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploy Database Backup
uses: bcgov-nr/[email protected]
with:
file: database/openshift.backup.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
- name: Backup database before update
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }}
# Run a backup before deploying a new version
oc create job --from=cronjob/${{ github.event.repository.name }}-${{ env.ZONE }}-database-backup ${{ github.event.repository.name }}-${{ env.ZONE }}-database-backup-$(date +%Y%m%d%H%M%S)
- name: Deploy Database
uses: bcgov-nr/[email protected]
with:
file: database/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: false
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
- name: Deploy Legacy
uses: bcgov-nr/[email protected]
with:
file: legacy/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p ENVIRONMENT=${{ secrets.OC_NAMESPACE }}
- name: Deploy Processor
uses: bcgov-nr/[email protected]
with:
file: processor/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
- name: Deploy Backend ConfigMap
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.configmap.test.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
- name: Deploy Backend
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p CHES_TOKEN_URL='https://loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches.api.gov.bc.ca/api/v1'
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
-p COGNITO_REGION=ca-central-1
-p FRONTEND_URL=${{ env.URL }}
- name: Dev data replacement
uses: bcgov-nr/[email protected]
with:
file: database/openshift.dev.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters: -p ZONE=${{ env.ZONE }}
- name: Deploy Frontend ConfigMap
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.configmap.test.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
- name: Deploy Frontend
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p GREEN_DOMAIN=${{ secrets.GREEN_DOMAIN }}
-p VITE_NODE_ENV=openshift-${{ env.ZONE }}
-p URL=${{ env.URL }}
-p COGNITO_REGION=${{ secrets.COGNITO_REGION }}
-p COGNITO_CLIENT_ID=${{ secrets.COGNITO_CLIENT_ID }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_DOMAIN=${{ secrets.COGNITO_DOMAIN }}
-p COGNITO_ENVIRONMENT=TEST
-p LANDING_URL='${{ secrets.COGNITO_LOGOUT_URI }}'
-p FRONTEND_URL=${{ env.URL }}
prod-init:
name: PROD Init
needs: [test-deploy]
env:
URL: forestclient.nrs.gov.bc.ca
ZONE: prod
environment: prod
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploys
uses: bcgov-nr/[email protected]
with:
file: common/openshift.init.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p ORACLEDB_USER=${{ secrets.ORACLEDB_USERNAME }}
-p ORACLEDB_PASSWORD=${{ secrets.ORACLEDB_PASSWORD }}
-p ORACLEDB_USER_W=${{ secrets.ORACLEDB_USERNAME_W }}
-p ORACLEDB_PASSWORD_W=${{ secrets.ORACLEDB_PASSWORD_W }}
-p ORACLEDB_DATABASE=${{ secrets.ORACLEDB_DATABASE }}
-p ORACLEDB_HOST=${{ secrets.ORACLEDB_HOST }}
-p ORACLEDB_SERVICENAME=${{ secrets.ORACLEDB_SERVICENAME }}
-p ORACLEDB_SECRET=${{ secrets.ORACLEDB_SECRET }}
-p BCREGISTRY_KEY='${{ secrets.BCREGISTRY_KEY }}'
-p BCREGISTRY_ACCOUNT='${{ secrets.BCREGISTRY_ACCOUNT }}'
-p CHES_CLIENT_ID=${{ secrets.CHES_CLIENT_ID }}
-p CHES_CLIENT_SECRET=${{ secrets.CHES_CLIENT_SECRET }}
-p ADDRESS_COMPLETE_KEY=${{ secrets.ADDRESS_COMPLETE_KEY }}
-p DB_PASSWORD=${{ secrets.DB_PASSWORD }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_ENVIRONMENT=PROD
-p CHES_MAIL_COPY=${{ secrets.CHES_MAIL_COPY }}
prod-deploy:
name: PROD Deployment
needs: [prod-init, vars]
env:
TAG: ${{ needs.vars.outputs.pr }}
URL: forestclient.nrs.gov.bc.ca
ZONE: prod
environment: prod
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Deploy Database Backup
uses: bcgov-nr/[email protected]
with:
file: database/openshift.backup.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"
- name: Backup database before update
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
# Run a backup before deploying a new version
oc create job --from=cronjob/${{ github.event.repository.name }}-${{ env.ZONE }}-database-backup ${{ github.event.repository.name }}-${{ env.ZONE }}-database-backup-$(date +%Y%m%d%H%M%S)
- name: Deploy Database
uses: bcgov-nr/[email protected]
with:
file: database/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: false
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
- name: Deploy Legacy
uses: bcgov-nr/[email protected]
with:
file: legacy/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p ENVIRONMENT=${{ secrets.OC_NAMESPACE }}
- name: Deploy Processor
uses: bcgov-nr/[email protected]
with:
file: processor/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
- name: Deploy Backend ConfigMap
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.configmap.prod.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
- name: Deploy Backend
uses: bcgov-nr/[email protected]
with:
file: backend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
verification_path: health
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p CHES_TOKEN_URL='https://loginproxy.gov.bc.ca/auth/realms/comsvcauth/protocol/openid-connect/token'
-p CHES_API_URL='https://ches.api.gov.bc.ca/api/v1'
-p BCREGISTRY_URI='https://bcregistry-prod.apigee.net'
-p COGNITO_REGION=ca-central-1
-p FRONTEND_URL=${{ env.URL }}
- name: Deploy Frontend ConfigMap
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.configmap.prod.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
- name: Deploy Frontend
uses: bcgov-nr/[email protected]
with:
file: frontend/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: true
parameters:
-p ZONE=${{ env.ZONE }}
-p TAG=${{ env.TAG }}
-p GREEN_DOMAIN=${{ secrets.GREEN_DOMAIN }}
-p VITE_NODE_ENV=openshift-${{ env.ZONE }}
-p URL=${{ env.URL }}
-p COGNITO_REGION=${{ secrets.COGNITO_REGION }}
-p COGNITO_CLIENT_ID=${{ secrets.COGNITO_CLIENT_ID }}
-p COGNITO_USER_POOL=${{ secrets.COGNITO_USER_POOL }}
-p COGNITO_DOMAIN=${{ secrets.COGNITO_DOMAIN }}
-p COGNITO_ENVIRONMENT=PROD
-p LANDING_URL='${{ secrets.COGNITO_LOGOUT_URI }}'
-p FRONTEND_URL=${{ env.URL }}
images-prod:
name: Promote images to PROD
needs: [prod-deploy]
runs-on: ubuntu-24.04
strategy:
matrix:
component: [backend, frontend, legacy, database, processor]
steps:
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.component }}
target: test
tags: prod
release:
name: Release
needs: [prod-deploy]
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Conventional Changelog Update
uses: TriPSs/conventional-changelog-action@v5
id: changelog
continue-on-error: true
with:
github-token: ${{ github.token }}
output-file: "CHANGELOG.md"
skip-version-file: "true"
skip-commit: "true"
git-push: "true"
- name: Create Release
uses: softprops/action-gh-release@v2
if: ${{ steps.changelog.outputs.tag != '' }}
continue-on-error: true
env:
GITHUB_TOKEN: ${{ github.token }}
with:
token: ${{ github.token }}
tag_name: ${{ steps.changelog.outputs.tag }}
name: ${{ steps.changelog.outputs.tag }}
body: ${{ steps.changelog.outputs.clean_changelog }}