-
Notifications
You must be signed in to change notification settings - Fork 57
140 lines (123 loc) · 5.52 KB
/
pull-request-appointment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Pull Request Deploy-appointment
on:
workflow_dispatch:
inputs:
pr-number:
description: "Pull Request Number:"
type: string
required: true
namespace:
description: "Deploy To:"
type: choice
required: true
options:
- The Q Dev
- QMS Dev
- The Q Test
jobs:
##### SETUP ##################################################################
parse-inputs:
name: refs/pull/${{ github.event.inputs.pr-number }}/head to ${{ github.event.inputs.namespace }}
runs-on: ubuntu-latest
outputs:
environment: ${{ steps.parse.outputs.environment }}
image-tag: ${{ steps.parse.outputs.image-tag }}
push-qms: ${{ steps.parse.outputs.push-qms }}
push-theq: ${{ steps.parse.outputs.push-theq }}
ref: ${{ steps.parse.outputs.ref }}
steps:
# Use the input values to create more coding-friendly values.
- name: Parse Inputs
id: parse
run: |
# Gets "dev" or "test".
ENVIRONMENT=$(echo ${{ github.event.inputs.namespace }} | \
awk -F' ' '{print $NF}' | tr '[:upper:]' '[:lower:]')
echo ENVIRONMENT:$ENVIRONMENT
echo "environment=$ENVIRONMENT" >> $GITHUB_OUTPUT
IMAGE_TAG=pr${{ github.event.inputs.pr-number }}
echo IMAGE_TAG:$IMAGE_TAG
echo "image-tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
if [ $GITHUB_REPOSITORY_OWNER != "bcgov" ]; then
# Never push in forks - useful and safer for development.
PUSH_QMS=false
PUSH_THEQ=false
elif [[ "${{ github.event.inputs.namespace }}" == QMS* ]]; then
PUSH_QMS=true
PUSH_THEQ=false
else
PUSH_QMS=false
PUSH_THEQ=true
fi
echo PUSH_QMS:$PUSH_QMS
echo "push-qms=$PUSH_QMS" >> $GITHUB_OUTPUT
echo PUSH_THEQ:$PUSH_THEQ
echo "push-theq=$PUSH_THEQ" >> $GITHUB_OUTPUT
REF=refs/pull/${{ github.event.inputs.pr-number }}/head
echo REF:$REF
echo "ref=$REF" >> $GITHUB_OUTPUT
##### TEST ###################################################################
appointment-frontend-cypress:
name: Appointment Frontend Cypress
needs: parse-inputs
uses: ./.github/workflows/tyu-reusable-appointment-frontend-cypress.yaml
secrets:
bceid-endpoint: ${{ secrets.CYPRESS_BCEID_ENDPOINT }}
bceid-password: ${{ secrets.CYPRESS_BCEID_PASSWORD }}
bceid-username: ${{ secrets.CYPRESS_BCEID_USERNAME }}
cypress-project-id: ${{ secrets.CYPRESS_PROJECT_ID }}
cypress-record-key: ${{ secrets.CYPRESS_RECORD_KEY }}
keycloak-auth-url: ${{ secrets.KEYCLOAK_AUTH_URL_DEV }}/auth/
keycloak-client: ${{ secrets.KEYCLOAK_APPOINTMENTS_FRONTEND_CLIENT }}
keycloak-realm: ${{ secrets.KEYCLOAK_REALM }}
with:
ref: ${{ needs.parse-inputs.outputs.ref }}
##### BUILD ##################################################################
appointment-frontend:
name: appointment-frontend
needs: [parse-inputs, appointment-frontend-cypress]
uses: ./.github/workflows/reusable-build-dockerfile.yaml
secrets:
artifactory-password: ${{ secrets.ARTIFACTORY_PASSWORD }}
artifactory-registry: ${{ secrets.ARTIFACTORY_REGISTRY }}
artifactory-username: ${{ secrets.ARTIFACTORY_USERNAME }}
namespace-theq: ${{ secrets.LICENCE_PLATE_THEQ }}-tools
namespace-theq-password: ${{ secrets.SA_PASSWORD_THEQ_TOOLS }}
namespace-theq-username: ${{ secrets.SA_USERNAME }}
namespace-qms: ${{ secrets.LICENCE_PLATE_QMS }}-tools
namespace-qms-password: ${{ secrets.SA_PASSWORD_QMS_TOOLS }}
namespace-qms-username: ${{ secrets.SA_USERNAME }}
openshift-registry: ${{ secrets.OPENSHIFT_REGISTRY }}
with:
ref: ${{ needs.parse-inputs.outputs.ref }}
directory: appointment-frontend
image-name: appointment-nginx-frontend
image-tags: ${{ needs.parse-inputs.outputs.image-tag }}
push-qms: ${{ needs.parse-inputs.outputs.push-qms == 'true' }}
push-theq: ${{ needs.parse-inputs.outputs.push-theq == 'true' }}
##### DEPLOY #################################################################
tag:
name: Tag
if: github.repository_owner == 'bcgov'
needs: [parse-inputs, appointment-frontend]
uses: ./.github/workflows/reusable-tag-image.yaml
secrets:
licence-plate: ${{ needs.parse-inputs.outputs.push-qms == 'true' && secrets.LICENCE_PLATE_QMS || secrets.LICENCE_PLATE_THEQ }}
openshift-api: ${{ secrets.OPENSHIFT_API }}
token: ${{ needs.parse-inputs.outputs.push-qms == 'true' && secrets.SA_PASSWORD_QMS_TOOLS || secrets.SA_PASSWORD_THEQ_TOOLS }}
with:
image-names: appointment-nginx-frontend
tag-from: ${{ needs.parse-inputs.outputs.image-tag }}
tag-to: ${{ needs.parse-inputs.outputs.environment }}
wait-for-rollouts:
name: Wait for Rollouts
if: github.repository_owner == 'bcgov'
needs: [parse-inputs, tag]
uses: ./.github/workflows/reusable-wait-for-rollouts.yaml
secrets:
licence-plate: ${{ needs.parse-inputs.outputs.push-qms == 'true' && secrets.LICENCE_PLATE_QMS || secrets.LICENCE_PLATE_THEQ }}
openshift-api: ${{ secrets.OPENSHIFT_API }}
token: ${{ needs.parse-inputs.outputs.push-qms == 'true' && secrets.SA_PASSWORD_QMS_DEV || ( needs.parse-inputs.outputs.environment == 'dev' && secrets.SA_PASSWORD_THEQ_DEV || secrets.SA_PASSWORD_THEQ_TEST ) }}
with:
image-names: appointment-nginx-frontend-${{ needs.parse-inputs.outputs.environment }}
tag-to: ${{ needs.parse-inputs.outputs.environment }}