Skip to content

Commit

Permalink
chore: refactoring workflows (#1346)
Browse files Browse the repository at this point in the history 
* chore: refactoring workflows

* chore: forcing a new build

* chore: updating yml

* chore: forcing new build

* chore: changing yml

* chore: removing version

* chore: forcing new build

* chore: updating validate

* chore: updating workflows

* Use workflow_call for .automated-tests

* Test

* Test

* Cleanup

* Workflow calls for Deploy Tools

* Workflow calls for Deploy Tools

* Remove extra job

* chore: updating workflow order

* chore: changing tools order

* chore: passing secrets down

* chore: fixing FE security issue

---------

Co-authored-by: Maria Martinez <[email protected]>
Co-authored-by: Derek Roberts <[email protected]>
  • Loading branch information
@paulushcgcj @mamartinezmejia @DerekRoberts
3 people authored Dec 19, 2024
1 parent 803f583 commit 233b47a
Show file tree
Hide file tree
Showing 10 changed files with 323 additions and 413 deletions.
88 changes: 88 additions & 0 deletions .github/workflows/.automated-tests.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
name: Automated user flow tests

on:
workflow_call:
inputs:
url:
required: true
type: string

jobs:
cypress-run:
name: "User flow test"
runs-on: ubuntu-24.04
environment: tools
steps:
- name: Checkout
uses: actions/checkout@v4

- uses: actions/setup-node@v4
name: Start node
with:
node-version: 18

- name: Run Cypress End-to-End
uses: cypress-io/github-action@v5
with:
working-directory: cypress
env:
CYPRESS_baseUrl: https://${{ inputs.url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CYPRESS_editor_password: ${{ secrets.UAT_EDITOR_PASSWORD }}
CYPRESS_editor_username: ${{ secrets.UAT_EDITOR_USERNAME }}
CYPRESS_admin_password: ${{ secrets.UAT_ADMIN_PASSWORD }}
CYPRESS_admin_username: ${{ secrets.UAT_ADMIN_USERNAME }}
CYPRESS_viewer_password: ${{ secrets.UAT_VIEWER_PASSWORD }}
CYPRESS_viewer_username: ${{ secrets.UAT_VIEWER_USERNAME }}
CYPRESS_bceid_password: ${{ secrets.UAT_BCEID_PASSWORD }}
CYPRESS_bceid_username: ${{ secrets.UAT_BCEID_USERNAME }}
CYPRESS_bcsc_password: ${{ secrets.UAT_BCSC_PASSWORD }}
CYPRESS_bcsc_username: ${{ secrets.UAT_BCSC_USERNAME }}

- name: Publish Cypress Results
uses: mikepenz/action-junit-report@v5
continue-on-error: true
if: always()
with:
report_paths: cypress/result.xml
commit: ${{ github.event.pull_request.head.sha }}
summary: Cypress Test Results
detailed_summary: true
job_name: User Journeys

- name: Check for Cypress Screenshots and Videos
run: |
if [ -d "cypress/cypress/screenshots" ] && [ "$(ls -A cypress/cypress/screenshots)" ]; then
echo "Screenshots folder is not empty, uploading artifacts."
echo "screenshots=true" >> $GITHUB_OUTPUT
else
echo "Screenshots folder is empty or does not exist."
echo "screenshots=false" >> $GITHUB_OUTPUT
fi
if [ -d "cypress/cypress/videos" ] && [ "$(ls -A cypress/cypress/videos)" ]; then
echo "Videos folder is not empty, uploading artifacts."
echo "videos=true" >> $GITHUB_OUTPUT
else
echo "Videos folder is empty or does not exist."
echo "videos=false" >> $GITHUB_OUTPUT
fi
id: check_artifacts

- uses: actions/upload-artifact@v4
name: Upload Cypress Screenshots
if: always()
with:
name: cypress-screenshots
path: cypress/cypress/screenshots
retention-days: 7

- uses: actions/upload-artifact@v4
name: Upload Cypress Videos
if: always()
with:
name: cypress-videos
path: cypress/cypress/videos
retention-days: 7
37 changes: 37 additions & 0 deletions .github/workflows/.tools-cleanup.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: Tools environment cleanup

on:
workflow_call:

jobs:
tools-cleanup:
name: Cleanup tools environment
environment: tools
runs-on: ubuntu-24.04
steps:
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"

- name: Remove the PR database
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
# This removes a new pluggable database, user and service for the PR
for i in {1..5}; do
POD_NAME=$(oc get pods -l app=nr-forest-client-tools -l deployment=nr-forest-client-tools-legacydb -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
if [ -n "$POD_NAME" ]; then
echo "Pod found: $POD_NAME"
oc exec $POD_NAME -- /opt/oracle/removeDatabase "THE" "PR_${{ github.event.number }}"
break
else
echo "Pod not found, retrying in 10 seconds... ($i/5)"
sleep 10
fi
done
if [ -z "$POD_NAME" ]; then
echo "Failed to find the pod after 5 attempts."
fi
171 changes: 171 additions & 0 deletions .github/workflows/.tools-deploy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,171 @@
name: Tools deployment

on:
pull_request:

concurrency:
# PR open and close use the same group, allowing only one at a time
group: tools-${{ github.event.number }}
cancel-in-progress: true

jobs:
builds:
name: Builds
runs-on: ubuntu-24.04
permissions:
packages: write
steps:
- uses: bcgov-nr/[email protected]
name: Build (legacydb)
with:
package: legacydb
tag: ${{ github.event.number }}
tag_fallback: latest
triggers: ('legacydb/')
build_args: |
APP_VERSION=${{ github.event.number }}
pre-tools:
name: Pre Deploy Tools
needs: [builds]
environment: dev
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"
- name: Scale down legacy
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
oc scale deployment/nr-forest-client-${{ github.event.number }}-legacy --replicas=0 -n ${{ secrets.OC_NAMESPACE }}
undesired_replicas=0
while true; do
available_replicas=$(oc get deployment/nr-forest-client-${{ github.event.number }}-legacy -n ${{ secrets.OC_NAMESPACE }} -o jsonpath='{.status.availableReplicas}')
if [[ "$available_replicas" -ge "$undesired_replicas" ]]; then
echo "DeploymentConfig ${{ secrets.OC_NAMESPACE }}-${{ github.event.number }}-legacy is now available with $available_replicas replicas."
break
fi
echo "Waiting... ($available_replicas pods available)"
sleep 5
done
deploy-oracle:
name: Deploy Oracle Database
needs: [pre-tools, builds]
environment: tools
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4

- name: Initializing Deployment
uses: bcgov-nr/[email protected]
with:
file: legacydb/openshift.deploy.yml
oc_namespace: ${{ secrets.OC_NAMESPACE }}
oc_server: ${{ secrets.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
oc_version: "4.13"
overwrite: false
parameters:
-p ZONE=tools
-p ORACLEDB_USER_W=THE
-p ORACLEDB_PASSWORD_W=${{ secrets.ORACLEDB_PASSWORD_W }}
-p TAG=latest

remove-tools:
name: Remove database and user
needs: [deploy-oracle]
secrets: inherit
uses: ./.github/workflows/.tools-cleanup.yml

deploy-tools:
name: Deploy Tools
needs: [remove-tools, deploy-oracle]
environment: tools
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"

- name: Create the PR database
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
# This creates a new pluggable database for the PR
for i in {1..5}; do
POD_NAME=$(oc get pods -l app=nr-forest-client-tools -l deployment=nr-forest-client-tools-legacydb -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
if [ -n "$POD_NAME" ]; then
echo "Pod found: $POD_NAME"
oc exec $POD_NAME -- /opt/oracle/createDatabase PR_${{ github.event.number }}
break
else
echo "Pod not found, retrying in 10 seconds... ($i/5)"
sleep 10
fi
done
if [ -z "$POD_NAME" ]; then
echo "Failed to find the pod after 5 attempts."
fi
- name: Create the PR user
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
# This creates a new pluggable database for the PR
for i in {1..5}; do
POD_NAME=$(oc get pods -l app=nr-forest-client-tools -l deployment=nr-forest-client-tools-legacydb -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
if [ -n "$POD_NAME" ]; then
echo "Pod found: $POD_NAME"
oc exec $POD_NAME -- /opt/oracle/createAppUser "THE" "${{ secrets.ORACLEDB_PASSWORD_W }}_${{ github.event.number }}" "PR_${{ github.event.number }}"
break
else
echo "Pod not found, retrying in 10 seconds... ($i/5)"
sleep 10
fi
done
if [ -z "$POD_NAME" ]; then
echo "Failed to find the pod after 5 attempts."
fi
- name: Migrate the PR database
continue-on-error: true
run: |
BRANCH_NAME="${{ github.head_ref }}"
# Escape slashes and other special characters
ESCAPED_BRANCH_NAME=$(echo "$BRANCH_NAME" | sed 's/[\/&]/\\&/g')
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
oc create job --from=cronjob/nr-forest-client-tools-migratedb migrate-pr${{ github.event.number }}-${{ github.run_attempt }}-$(date +%s) --dry-run=client -o yaml | sed "s/value: main/value: ${ESCAPED_BRANCH_NAME}/" | sed "s/value: \"0\"/value: \"${{ github.event.number }}\"/" | oc apply -f -
scale-up-legacy:
name: Scale up legacy
needs: [deploy-tools]
environment: dev
if: always()
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"
- name: Start the Legacy Service
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
oc scale deployment/nr-forest-client-${{ github.event.number }}-legacy --replicas=1
45 changes: 14 additions & 31 deletions .github/workflows/pr-close.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ on:

concurrency:
# PR open and close use the same group, allowing only one at a time
group: ${{ github.event.number }}
group: pr-${{ github.event.number }}
cancel-in-progress: true

jobs:
Expand All @@ -20,35 +20,18 @@ jobs:
cleanup: label
packages: backend database frontend legacy processor

tools-cleanup:
name: Cleanup tools environment
needs: [cleanup]
environment: tools
remove-tools:
name: Remove database and user
secrets: inherit
uses: ./.github/workflows/.tools-cleanup.yml

promote-tools:
name: Promote tools
runs-on: ubuntu-24.04
steps:
- name: Install CLI tools from OpenShift Mirror
uses: redhat-actions/openshift-tools-installer@v1
with:
oc: "4.13"

- name: Remove the PR database
continue-on-error: true
run: |
oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }}
oc project ${{ secrets.OC_NAMESPACE }} # Safeguard!
# This removes a new pluggable database, user and service for the PR
for i in {1..5}; do
POD_NAME=$(oc get pods -l app=nr-forest-client-tools -l deployment=nr-forest-client-tools-legacydb -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
if [ -n "$POD_NAME" ]; then
echo "Pod found: $POD_NAME"
oc exec $POD_NAME -- /opt/oracle/removeDatabase "THE" "PR_${{ github.event.number }}"
break
else
echo "Pod not found, retrying in 10 seconds... ($i/5)"
sleep 10
fi
done
if [ -z "$POD_NAME" ]; then
echo "Failed to find the pod after 5 attempts."
fi
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/legacydb
target: ${{ github.event.number }}
tags: latest
Loading

0 comments on commit 233b47a

Please sign in to comment.