diff --git a/.github/workflows/.deploy.yml b/.github/workflows/.deploy.yml index 3b9b0a7af..1078ab21a 100644 --- a/.github/workflows/.deploy.yml +++ b/.github/workflows/.deploy.yml @@ -10,13 +10,26 @@ on: type: string tag: description: 'Docker semver tag or SHA. E.g.: needs.semver.outputs.semver or github.sha.' + required: false + type: string + backend_tag: + description: 'backend Tag, could be tag or sha' required: true type: string + migrations_tag: + description: 'migrations Tag, could be tag or sha' + required: true + type: string + frontend_tag: + description: 'frontend Tag, could be tag or sha' + required: true + type: string + target: description: 'PR number, test or prod.' required: true type: string - + ### Usually a bad idea / not recommended directory: description: 'Chart directory.' @@ -46,6 +59,7 @@ jobs: working-directory: ${{ inputs.directory }} shell: bash run: | + echo tags are ${{ inputs.backend_tag }} ${{ inputs.migrations_tag }} ${{ inputs.frontend_tag }} # Login to OpenShift (NOTE: project command is a safeguard) oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }} oc project ${{ vars.oc_namespace }} @@ -57,14 +71,13 @@ jobs: helm rollback ${{ github.event.repository.name }}-${{ inputs.target }} || \ helm uninstall ${{ github.event.repository.name }}-${{ inputs.target }} fi - # Deploy Helm Chart helm dependency update helm upgrade \ --set-string global.repository=${{ github.repository }} \ - --set-string backend.containers[0].tag="${{ inputs.tag }}" \ - --set-string backend.initContainers[0].tag="${{ inputs.tag }}" \ - --set-string frontend.containers[0].tag="${{ inputs.tag }}" \ + --set-string backend.containers[0].tag="${{ inputs.backend_tag }}" \ + --set-string backend.initContainers[0].tag="${{ inputs.migrations_tag }}" \ + --set-string frontend.containers[0].tag="${{ inputs.frontend_tag }}" \ --set-string bitnami-pg.auth.password=${{ secrets.DB_PASSWORD }} \ --set-string bitnami-pg.auth.postgresPassword=${{ secrets.DB_PASSWORD }} \ --install --wait --atomic ${{ github.event.repository.name }}-${{ inputs.target }} \ diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml index 093e80082..4ca7ed534 100644 --- a/.github/workflows/merge.yml +++ b/.github/workflows/merge.yml @@ -30,30 +30,33 @@ jobs: skip-on-empty: 'false' git-push: 'false' - retag-images: - name: Tag Images - needs: [semver] + get-digest: + name: Get Digests + outputs: + backend_tag: ${{ steps.get_digest.outputs.backend_tag }} + migrations_tag: ${{ steps.get_digest.outputs.migrations_tag }} + frontend_tag: ${{ steps.get_digest.outputs.frontend_tag }} runs-on: ubuntu-22.04 strategy: matrix: package: [backend, migrations, frontend] steps: - - name: Tag Docker Images - uses: shrink/actions-docker-registry-tag@v3 - with: - registry: ghcr.io - repository: ${{ github.repository }}/${{ matrix.package }} - target: test - tags: ${{ needs.semver.outputs.semver }} + - name: return digest + id: get_digest + run: | + DIGEST=$(docker manifest inspect ghcr.io/${{ github.repository }}/${{ matrix.package }}:test | jq '.manifests[0].digest') + echo "${{ matrix.package }}_tag=${DIGEST}" >> $GITHUB_OUTPUT deploys-test: name: Deploys (test) - needs: [retag-images, semver] + needs: [retag-images, get-digest] uses: ./.github/workflows/.deploy.yml secrets: inherit with: environment: test - tag: ${{ needs.semver.outputs.semver }} + backend_tag: ${{ needs.get-digest.outputs.backend_tag }} + migrations_tag: ${{ needs.get-digest.outputs.migrations_tag }} + frontend_tag: ${{ needs.get-digest.outputs.frontend_tag }} target: test integration-tests: @@ -123,12 +126,14 @@ jobs: deploys-prod: name: Deploys (prod) - needs: [cypress-e2e, integration-tests, semver] + needs: [cypress-e2e, integration-tests, get-digest] uses: ./.github/workflows/.deploy.yml secrets: inherit with: environment: prod - tag: ${{ needs.semver.outputs.semver }} + backend_tag: ${{ needs.get-digest.outputs.backend_tag }} + migrations_tag: ${{ needs.get-digest.outputs.migrations_tag }} + frontend_tag: ${{ needs.get-digest.outputs.frontend_tag }} target: prod tags: diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 751051781..b3e98d9f5 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -51,6 +51,11 @@ jobs: builds: name: Builds runs-on: ubuntu-22.04 + outputs: + backend_tag: ${{ steps.get_digest.outputs.backend_tag }} + migrations_tag: ${{ steps.get_digest.outputs.migrations_tag }} + frontend_tag: ${{ steps.get_digest.outputs.frontend_tag }} + permissions: packages: write strategy: @@ -58,7 +63,8 @@ jobs: package: [migrations, backend, frontend] timeout-minutes: 10 steps: - - uses: bcgov-nr/action-builder-ghcr@v1.3.0 + - uses: bcgov-nr/action-builder-ghcr@v2.0.0 + id: build with: keep_versions: 50 package: ${{ matrix.package }} @@ -74,6 +80,10 @@ jobs: repository: ${{ github.repository }}/${{ matrix.package }} target: ${{ github.sha }} tags: ${{ github.event.number }} + - name: return build output + id: get_digest + run: | + echo "${{ matrix.package }}_tag=${{steps.build.outputs.digest}}" >> $GITHUB_OUTPUT # https://github.com/bcgov-nr/action-deployer-openshift deploys: @@ -82,6 +92,8 @@ jobs: uses: ./.github/workflows/.deploy.yml secrets: inherit with: - tag: ${{ github.sha }} + backend_tag: ${{ needs.builds.outputs.backend_tag }} + migrations_tag: ${{ needs.builds.outputs.migrations_tag }} + frontend_tag: ${{ needs.builds.outputs.frontend_tag }} target: ${{ github.event.number }} values: values-pr.yaml diff --git a/charts/quickstart-openshift/Chart.lock b/charts/quickstart-openshift/Chart.lock index c429be7d8..a3d0fdbf7 100644 --- a/charts/quickstart-openshift/Chart.lock +++ b/charts/quickstart-openshift/Chart.lock @@ -1,15 +1,15 @@ dependencies: - name: component repository: https://bcgov.github.io/helm-service - version: 0.0.12 + version: 0.0.13 - name: component repository: https://bcgov.github.io/helm-service - version: 0.0.12 + version: 0.0.13 - name: postgresql repository: https://charts.bitnami.com/bitnami version: 13.0.0 - name: component repository: https://bcgov.github.io/helm-service - version: 0.0.12 -digest: sha256:317f1d1c1bb8d59d3f3c7eeb2a31d290699bf0247bf335ee2f3e0253e7af6b58 -generated: "2023-10-24T20:40:23.026159341-07:00" + version: 0.0.13 +digest: sha256:a5cc2fbfbfa83d24905e056a69ece0cc0992e401b5d37821e0910bd23aa18ffb +generated: "2023-10-25T14:05:35.9312876-07:00" diff --git a/charts/quickstart-openshift/Chart.yaml b/charts/quickstart-openshift/Chart.yaml index ab99e51e2..47342ec84 100644 --- a/charts/quickstart-openshift/Chart.yaml +++ b/charts/quickstart-openshift/Chart.yaml @@ -27,13 +27,13 @@ appVersion: "1.16.0" dependencies: - name: component condition: backend.enabled - version: 0.0.12 + version: 0.0.13 repository: https://bcgov.github.io/helm-service alias: backend - name: component condition: frontend.enabled - version: 0.0.12 + version: 0.0.13 repository: https://bcgov.github.io/helm-service alias: frontend @@ -46,6 +46,6 @@ dependencies: - name: component condition: backup.enabled - version: 0.0.12 + version: 0.0.13 repository: https://bcgov.github.io/helm-service alias: backup diff --git a/charts/quickstart-openshift/values.yaml b/charts/quickstart-openshift/values.yaml index b2e7955d4..ce6fa5b98 100644 --- a/charts/quickstart-openshift/values.yaml +++ b/charts/quickstart-openshift/values.yaml @@ -327,7 +327,7 @@ bitnami-pg: shmVolume: enabled: false backup: - enabled: true + enabled: false cronjob: containerSecurityContext: { } podSecurityContext: