ci: workflow cleanup (#1506)

bcgov · Oct 24, 2023 · 87e57f8 · 87e57f8
1 parent de38ae9
commit 87e57f8
Show file tree

Hide file tree

Showing 5 changed files with 51 additions and 89 deletions.
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
@@ -11,12 +11,10 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  semantic-version:
+  semver:
     name: Semantic Version
     outputs:
-      semanticVersion: ${{ steps.changelog.outputs.version }}
-      tag: ${{ steps.changelog.outputs.tag }}
-      clean_changelog: ${{ steps.changelog.outputs.clean_changelog }}
+      semver: ${{ steps.changelog.outputs.version }}
     runs-on: ubuntu-22.04
     timeout-minutes: 1
     steps:
@@ -27,14 +25,13 @@ jobs:
         continue-on-error: true
         with:
           github-token: ${{ github.token }}
-          output-file: 'CHANGELOG.md'
           skip-version-file: 'true'
           skip-commit: 'true'
           skip-on-empty: 'false'
-          git-push: 'true'
+          git-push: 'false'
 
   retag-images:
-    needs: [semantic-version]
+    needs: [semver]
     runs-on: ubuntu-22.04
     strategy:
         matrix:
@@ -46,10 +43,10 @@ jobs:
           registry: ghcr.io
           repository: ${{ github.repository }}/${{ matrix.package }}
           target: test
-          tags: ${{ needs.semantic-version.outputs.semanticVersion }}
+          tags: ${{ needs.semver.outputs.semver }}
 
   deploys-test:
-    needs: [retag-images, semantic-version]
+    needs: [retag-images, semver]
     name: TEST Deploys
     environment: test
     runs-on: ubuntu-22.04
@@ -59,38 +56,18 @@ jobs:
       - name: Deploy
         shell: bash
         run: |
-          # Allow pipefail, since we could be catching oc create errors
-          set +o pipefail
-          
           # Login to OpenShift (NOTE: project command is a safeguard)
           oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
           oc project ${{ vars.oc_namespace }}
           
           # Deploy Helm Chart
           cd charts/${{ github.event.repository.name }}
           helm dependency update
-          helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-test --values values.yaml --set-string global.repository=${{ github.repository }}  --set-string backend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string backend.initContainers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string frontend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}}   --timeout 10m .
-
-  cleanup-test:
-    name: TEST Pod cleanup
-    environment: test
-    needs: [deploys-test]
-    runs-on: ubuntu-22.04
-    steps:
-      - name: Remove OpenShift artifacts
-        run: |
-          oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }}
-          oc project ${{ vars.OC_NAMESPACE }}
-
-          # Remove old build runs, build pods and deployment pods
-          oc delete po --field-selector=status.phase==Succeeded
+          helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-test --values values.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag=${{ needs.semver.outputs.semver }} --set-string backend.initContainers[0].tag=${{ needs.semver.outputs.semver }} --set-string frontend.containers[0].tag=${{ needs.semver.outputs.semver }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .
 
   integration-tests:
     needs: [deploys-test]
-    name: Integration Tests for APIs
-    defaults:
-      run:
-        working-directory: integration-tests
+    name: Integration Tests
     runs-on: ubuntu-22.04
     timeout-minutes: 1
     steps:
@@ -105,13 +82,17 @@ jobs:
             ${{ runner.os }}-build-
             ${{ runner.os }}-
 
-      - name: Install dependencies
-        run: npm ci
-      - name: Run integration tests
-        run: BASE_URL=https://${{ github.event.repository.name }}-test-frontend.apps.silver.devops.gov.bc.ca API_NAME=nest  node src/main.js
+      - name: Integration tests
+        env:
+          API_NAME: nest
+          BASE_URL: https://${{ github.event.repository.name }}-test-frontend.apps.silver.devops.gov.bc.ca
+        run: |
+          cd integration-tests
+          npm ci
+          node src/main.js
 
   cypress-e2e:
-    name: Cypress end to end test
+    name: Cypress E2E
     needs: [deploys-test]
     runs-on: ubuntu-22.04
     defaults:
@@ -151,7 +132,7 @@ jobs:
 
   deploys-prod:
     name: PROD Deploys
-    needs: [cypress-e2e, integration-tests,deploys-test, semantic-version] # all of this needed to Go To PROD.
+    needs: [cypress-e2e, integration-tests,deploys-test, semver] # all of this needed to Go To PROD.
     environment: prod
     runs-on: ubuntu-22.04
     timeout-minutes: 10
@@ -160,30 +141,29 @@ jobs:
       - name: Deploy
         shell: bash
         run: |
-          # Allow pipefail, since we could be catching oc create errors
-          set +o pipefail
-          
           # Login to OpenShift (NOTE: project command is a safeguard)
           oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
           oc project ${{ vars.oc_namespace }}
           
           # Deploy Helm Chart
           cd charts/${{ github.event.repository.name }}
           helm dependency update
-          helm upgrade --install --wait --atomic ${{ github.event.repository.name }} --values values.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string backend.initContainers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string frontend.containers[0].tag=${{ needs.semantic-version.outputs.semanticVersion }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}}   --timeout 10m .
+          helm upgrade --install --wait --atomic ${{ github.event.repository.name }} --values values.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag=${{ needs.semver.outputs.semver }} --set-string backend.initContainers[0].tag=${{ needs.semver.outputs.semver }} --set-string frontend.containers[0].tag=${{ needs.semver.outputs.semver }} --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .
 
       - name: Create Tags
-        uses: jaywcjlove/[email protected]
-        if: ${{ needs.semantic-version.outputs.semanticVersion != '' }}
+        if: ${{ needs.semver.outputs.semver != '' }}
         run: |
-          git tag ${{ needs.semantic-version.outputs.semanticVersion }}
+          git tag ${{ needs.semver.outputs.semver }}
           git push origin --tag
 
-  cleanup-prod:
-    name: PROD Pod cleanup
-    environment: prod
-    needs: [deploys-prod]
+  cleanup:
+    name: Pod cleanup
+    environment: ${{ matrix.environment }}
+    needs: [deploys-test]
     runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        environment: [test, prod]
     steps:
       - name: Remove OpenShift artifacts
         run: |

diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml
@@ -41,5 +41,5 @@ jobs:
         with:
           registry: ghcr.io
           repository: ${{ github.repository }}/${{ matrix.package }}
-          target: ${{ github.event.number }}
+          target: ${{ github.sha }}
           tags: test
diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml
@@ -56,7 +56,7 @@ jobs:
       packages: write
     strategy:
       matrix:
-        package: [ migrations, backend, frontend]
+        package: [migrations, backend, frontend]
         include:
           - package: migrations
             build_context: ./backend/db
@@ -76,13 +76,6 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           triggers: ${{ matrix.triggers }}
           build_context: ${{ matrix.build_context }}
-      - name: Tag Docker Images
-        uses: shrink/actions-docker-registry-tag@v3
-        with:
-          registry: ghcr.io
-          repository: ${{ github.repository }}/${{ matrix.package }}
-          target: ${{ github.sha }}
-          tags: ${{ github.event.number }}
 
   # https://github.com/bcgov-nr/action-deployer-openshift
   deploys:
@@ -95,14 +88,11 @@ jobs:
       - name: Deploy
         shell: bash
         run: |
-          # Allow pipefail, since we could be catching oc create errors
-          set +o pipefail
-          echo "IncrementalTag is $IncrementalTag"
           # Login to OpenShift (NOTE: project command is a safeguard)
           oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
           oc project ${{ vars.oc_namespace }}
           
           # Deploy Helm Chart
           cd charts/${{ github.event.repository.name }}
           helm dependency update
-          helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-${{ github.event.number }} --values values-pr.yaml --set-string global.repository=${{ github.repository }}  --set-string backend.containers[0].tag="${{ github.sha }}" --set-string backend.initContainers[0].tag="${{ github.sha }}" --set-string frontend.containers[0].tag="${{ github.sha }}" --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}}   --timeout 10m .
+          helm upgrade --install --wait --atomic ${{ github.event.repository.name }}-${{ github.event.number }} --values values-pr.yaml --set-string global.repository=${{ github.repository }} --set-string backend.containers[0].tag="${{ github.sha }}" --set-string backend.initContainers[0].tag="${{ github.sha }}" --set-string frontend.containers[0].tag="${{ github.sha }}" --set-string bitnami-pg.auth.password=${{secrets.DB_PASSWORD}} --set-string bitnami-pg.auth.postgresPassword=${{secrets.DB_PASSWORD}} --timeout 10m .
diff --git a/.github/workflows/pr-purge.yml b/.github/workflows/pr-purge.yml
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
@@ -58,14 +58,34 @@ jobs:
           FLYWAY_VALIDATE_MIGRATION_NAMING: true
           FLYWAY_LOCATIONS: filesystem:./backend/db/migrations
           FLYWAY_DEFAULT_SCHEMA: "users"
+
       - name: Create Output Folder
         run: |
           mkdir output
           chmod a+rwx -R output
+
       - name: Run Schemaspy
         run: docker run --network host -v "$PWD/output:/output" schemaspy/schemaspy:6.2.4 -t pgsql -db default -host 127.0.0.1 -port 5432 -u default -p default -schemas users
       - name: Deploy to Pages
         uses: JamesIves/github-pages-deploy-action@v4
         with:
           folder: output
           target-folder: schemaspy
+
+  ageOutPRs:
+    name: PR Env Purge
+    env:
+      # https://tecadmin.net/getting-yesterdays-date-in-bash/
+      DATE: "1 week ago"
+      TYPE: "po,image,pvc"
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - run: |
+          # Login to OpenShift (NOTE: project command is a safeguard)
+          oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }}
+          oc project ${{ vars.OC_NAMESPACE }}
+
+          oc get ${{ env.TYPE }} -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | \
+            awk '$2 <= "'$(date -d '${{ env.DATE }}' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | \
+            xargs --no-run-if-empty oc delete ${{ env.TYPE }}