fix: pipeline and helm release (#59)

* fix pipeline * fix pipeline * fix the needs * fix the needs * fix release * fix pipeline * fix pipeline * fix names * fix helm command
bcgov · Feb 4, 2024 · 69806e3 · 69806e3
1 parent 01b6778
commit 69806e3
Show file tree

Hide file tree

Showing 9 changed files with 275 additions and 52 deletions.
diff --git a/.github/workflows/.deploy.yml b/.github/workflows/.deploy.yml
@@ -0,0 +1,152 @@
+name: .Deploys
+
+on:
+  workflow_call:
+    inputs:
+      ### Required
+      release:
+        description: Deployment release; usually PR number, test or prod
+        required: true
+        type: string
+
+      ### Typical / recommended
+      autoscaling:
+        description: Autoscaling enabled or not for the deployments
+        required: false
+        type: string
+        default: true
+      environment:
+        description: Environment name; omit for PRs
+        required: false
+        type: string
+      tag:
+        description: Container tag; usually PR number
+        required: false
+        type: string
+        default: ${{ github.event.number }}
+      triggers:
+        description: Paths to trigger a deploy; omit=always; e.g. ('backend/' 'frontend/')
+        required: false
+        type: string
+
+      ### Usually a bad idea / not recommended
+      directory:
+        description: 'Chart directory'
+        default: 'charts/${{ github.event.repository.name }}'
+        required: false
+        type: string
+      timeout-minutes:
+        description: 'Timeout minutes'
+        default: 10
+        required: false
+        type: number
+      values:
+        description: 'Values file'
+        default: 'values.yaml'
+        required: false
+        type: string
+      DB_HOST:
+        description: 'Database Host'
+        default: ''
+        required: true
+        type: string
+      DB_NAME:
+        description: 'Database Name'
+        default: ''
+        required: true
+        type: string
+      DB_PWD:
+        description: 'Database Password'
+        default: ''
+        required: true
+        type: string
+      DB_USER:
+        description: 'Database User'
+        default: ''
+        required: true
+        type: string
+      DB_PORT:
+        description: 'Database Port'
+        default: '1543'
+        required: false
+        type: string
+      params:
+        description: 'Extra parameters to pass to helm upgrade'
+        default: ''
+        required: false
+        type: string
+
+env:
+  repo_release: ${{ github.event.repository.name }}-${{ inputs.release }}
+  package_tag: ${{ inputs.tag }}
+
+jobs:
+  deploys:
+    name: Helm
+    environment: ${{ inputs.environment }}
+    runs-on: ubuntu-22.04
+    timeout-minutes: ${{ inputs.timeout-minutes }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Check Deployment Triggers
+        id: triggers
+        run: |
+          # Expand for trigger processing
+
+          # Always deploy if no triggers are provided
+          if [ -z "${{ inputs.triggers }}" ]; then
+            echo "Always deploy when no triggers are provided"
+            echo "triggered=true" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          # Deploy if changed files (git diff) match triggers
+          TRIGGERS=${{ inputs.triggers }}
+          git fetch origin ${{ github.event.repository.default_branch }}
+          while read -r check; do
+            for t in "${TRIGGERS[@]}"; do
+              if [[ "${check}" =~ "${t}" ]]; then
+                  echo "Build triggered based on git diff"
+                  echo -e "${t}\n --> ${check}"
+                  echo "triggered=true" >> $GITHUB_OUTPUT
+                  exit 0
+              fi
+            done
+          done < <(git diff origin/${{ github.event.repository.default_branch }} --name-only)
+
+          # If here skip deployment
+          echo "No triggers have fired, deployment skipped"
+
+      - name: Deploy if Triggers Fired
+        if: ${{ steps.triggers.outputs.triggered == 'true' }}
+        working-directory: ${{ inputs.directory }}
+        shell: bash
+        run: |
+          oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
+          oc project ${{ vars.OC_NAMESPACE }} # Safeguard!
+          # uninstall if found
+          helm uninstall ${{ env.repo_release }} || true
+
+          # Deploy Helm Chart
+          helm dependency update
+          helm package --app-version="${{ env.package_tag }}" --version=${{ inputs.tag }} .
+          
+          helm upgrade \
+            --set-string app.envs.DB_HOST=${{ inputs.DB_HOST }} \
+            --set-string app.envs.DB_NAME=${{ inputs.DB_NAME }} \
+            --set-string app.envs.DB_PASSWORD=${{ inputs.DB_PWD }} \
+            --set-string app.envs.DB_USER=${{ inputs.DB_USER }} \
+            --set-string app.envs.DB_PORT="${{ inputs.DB_PORT }}" \
+            --set-string image.tag="${{ env.package_tag }}" \
+            --set-string namespace=${{ vars.oc_namespace }}  \
+            ${{ inputs.params }} \
+            --install --wait --atomic  ${{ env.repo_release }} \
+            --timeout ${{ inputs.timeout-minutes }}m \
+            --values ${{ inputs.values }} \
+            ./${{ github.event.repository.name }}-${{ inputs.tag }}.tgz
+
+          # print history 
+          helm history ${{ env.repo_release }}
+          
+          # Remove old build runs, build pods and deployment pods
+          oc delete po --field-selector=status.phase==Succeeded
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
@@ -15,8 +15,22 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  vars:
+    name: Set Variables
+    outputs:
+      pr: ${{ steps.pr.outputs.pr }}
+    runs-on: ubuntu-22.04
+    timeout-minutes: 1
+    steps: # Get PR number for squash merges to main
+      -
+        name: PR Number
+        id: pr
+        uses: bcgov-nr/action-get-pr@v0.0.1
   semantic-release:
     runs-on: ubuntu-22.04
+    needs: [vars]
+    outputs:
+      tag: ${{ steps.changelog.outputs.tag }}
     steps:
       - uses: actions/checkout@v4
         with:
@@ -51,7 +65,7 @@ jobs:
         with:
           registry: ghcr.io
           repository: ${{ github.repository }}/nr-oracle-service
-          target: test
+          target: ${{ needs.vars.outputs.pr }}
           tags: ${{ steps.changelog.outputs.version }}
 
       - name: Tag Docker Image for init container
@@ -60,7 +74,30 @@ jobs:
         with:
           registry: ghcr.io
           repository: ${{ github.repository }}/nr-oracle-service-init
-          target: test
+          target: ${{ needs.vars.outputs.pr }}
           tags: ${{ steps.changelog.outputs.version }}
-
+  helm-release:
+    runs-on: ubuntu-22.04
+    needs: [semantic-release]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+      - name: package helm chart
+        shell: bash
+        working-directory: charts/${{ github.event.repository.name }}
+        run: |
+          helm dependency update
+          helm package --app-version="${{ needs.semantic-release.outputs.tag }}" --version=${{ needs.semantic-release.outputs.tag }} .
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.6.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+        with:
+          skip_packaging: 'true'
 
diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml
@@ -17,15 +17,18 @@ jobs:
   # Clean up OpenShift when PR closed, no conditions
   cleanup-openshift:
     name: Cleanup OpenShift
+    env:
+      release: ${{ github.event.repository.name }}-${{ github.event.number }}
     runs-on: ubuntu-22.04
     steps:
       - name: Remove OpenShift artifacts
         run: |
           oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }}
           oc project ${{ vars.OC_NAMESPACE }}
 
-          # Remove old build runs, build pods and deployment pods
-          helm uninstall nr-oracle-service-${{ github.event.number }}
+          # If found, then remove
+          helm status ${{ env.release }} && helm uninstall --no-hooks ${{ env.release }} || \
+            echo "Not found: ${{ env.release }}"
 
   # If merged into main, then handle any image promotions
   image-promotions:
@@ -42,5 +45,5 @@ jobs:
         with:
           registry: ghcr.io
           repository: ${{ github.repository }}/${{ matrix.package }}
-          target: pr-${{ github.event.number }}
+          target: ${{ github.event.number }}
           tags: test
diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml
@@ -35,19 +35,12 @@ jobs:
       - uses: bcgov-nr/action-builder-ghcr@v2.0.1
         with:
           package: ${{ matrix.package }}
-          tag: ${{ github.sha }}
+          tag: ${{ github.event.number }}
           token: ${{ secrets.GITHUB_TOKEN }}
           build_file: ${{ matrix.build_file }}
           build_context: ${{ matrix.build_context }}
           triggers: ${{ matrix.triggers }}
 
-      - uses: shrink/actions-docker-registry-tag@v4
-        with:
-          registry: ghcr.io
-          repository: ${{ github.repository }}/${{ matrix.package }}
-          target: ${{ github.sha }}
-          tags: pr-${{ github.event.number }}
-
 
 
   deploys:
@@ -78,31 +71,41 @@ jobs:
         with:
           url: https://vault-iit.apps.silver.devops.gov.bc.ca
           token: ${{ steps.broker.outputs.vault_token }}
-          exportEnv: 'false'
+          exportEnv: 'true'
           secrets: |
             apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbHost | DB_HOST;
             apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbName | DB_NAME;
             apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbPassword | DB_PWD;
             apps/data/${{ env.secret_path_env }}/${{ env.project_name }}/${{ env.app_name }}/rar dbUser | DB_USER;
-      - name: Deploy to OpenShift
+
+
+      - name: Deploy to Openshift
+        working-directory: charts/nr-oracle-service
         shell: bash
         run: |
-          # Allow pipefail, since we could be catching oc create errors
-          set +o pipefail
-          
-          # Login to OpenShift (NOTE: project command is a safeguard)
           oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
-          oc project ${{ vars.oc_namespace }}
-          
+          oc project ${{ vars.OC_NAMESPACE }} # Safeguard!
+          # uninstall if found
+          helm uninstall ${{ github.event.repository.name }}-${{ github.event.number }} || true
+
           # Deploy Helm Chart
-          helm upgrade --install nr-oracle-service-${{ github.event.number }} \
-          --set-string image.tag=${{ github.sha }} \
-          --set-string app.envs.DB_HOST=${{ steps.secrets.outputs.DB_HOST }} \
-          --set-string app.envs.DB_NAME=${{ steps.secrets.outputs.DB_NAME }} \
-          --set-string app.envs.DB_PASSWORD=${{ steps.secrets.outputs.DB_PWD }} \
-          --set-string app.envs.DB_USER=${{ steps.secrets.outputs.DB_USER }} \
-          --set-string app.envs.DB_PORT="${{ secrets.DB_PORT }}" \
-          --set-string image.repository="ghcr.io/${{ github.repository }}/nr-oracle-service" \
-          --set-string image.repositoryInit="ghcr.io/${{ github.repository }}/nr-oracle-service-init" \
-          --set-string namespace=${{ vars.oc_namespace }}  \
-          --timeout 10m charts/nr-oracle-service
+          helm dependency update
+          helm package --app-version="${{ github.event.number }}" --version=${{ github.event.number }} .
+          
+          helm upgrade \
+            --set-string app.envs.DB_HOST=${{ steps.secrets.outputs.DB_HOST }} \
+            --set-string app.envs.DB_NAME=${{ steps.secrets.outputs.DB_NAME }} \
+            --set-string app.envs.DB_PASSWORD=${{ steps.secrets.outputs.DB_PWD }} \
+            --set-string app.envs.DB_USER=${{ steps.secrets.outputs.DB_USER }} \
+            --set-string app.envs.DB_PORT="1543" \
+            --set-string image.tag="${{ github.event.number }}" \
+            --set-string namespace=${{ vars.oc_namespace }}  \
+            --install --wait --atomic  ${{ github.event.repository.name }}-${{ github.event.number }} \
+            --values values.yaml \
+            ./${{ github.event.repository.name }}-${{ github.event.number }}.tgz
+
+          # print history 
+          helm history ${{ github.event.repository.name }}-${{ github.event.number }}
+          
+          # Remove old build runs, build pods and deployment pods
+          oc delete po --field-selector=status.phase==Succeeded
diff --git a/charts/nr-oracle-service/README.md b/charts/nr-oracle-service/README.md
@@ -4,23 +4,21 @@
 
 The following table lists the configurable parameters and their default values.
 
-| Parameter | Description | Default |
-|  ---  |  ---  |  ---  |
-| `app.envs.DB_HOST` |   |   |
-| `app.envs.DB_NAME` |   |   |
-| `app.envs.DB_PASSWORD` |   |   |
-| `app.envs.DB_PORT` |   |   |
-| `app.envs.DB_SECRET` |   |   |
-| `app.envs.DB_USER` |   |   |
-| `app.envs.HTTP_PORT` |   | 3000 |
-| `app.envs.POOL_IDLE_TIMEOUT` |   | 60000 |
-| `app.envs.POOL_INITIAL_SIZE` |   | 2 |
-| `app.envs.POOL_LEAK_DETECTION_INTERVAL` |   | 300000 |
-| `app.envs.POOL_MAX_LIFETIME` |   | 180000 |
-| `app.envs.POOL_MAX_SIZE` |   | 2 |
-| `app.envs.POOL_MIN_SIZE` |   | 2 |
-| `app.image` | The container image to use. | ompra/nr-oracle-service:1.0.0-SNAPSHOT |
-| `app.ports.http` | The http port to use for the probe. | 3000 |
+| Parameter                               | Description | Default |
+|-----------------------------------------|-------------|---------|
+| `app.envs.DB_HOST`                      |             |         |
+| `app.envs.DB_NAME`                      |             |         |
+| `app.envs.DB_PASSWORD`                  |             |         |
+| `app.envs.DB_PORT`                      |             |         |
+| `app.envs.DB_SECRET`                    |             |         |
+| `app.envs.DB_USER`                      |             |         |
+| `app.envs.HTTP_PORT`                    |             | 3000    |
+| `app.envs.POOL_IDLE_TIMEOUT`            |             | 60000   |
+| `app.envs.POOL_INITIAL_SIZE`            |             | 1       |
+| `app.envs.POOL_LEAK_DETECTION_INTERVAL` |             | 300000  |
+| `app.envs.POOL_MAX_LIFETIME`            |             | 180000  |
+| `app.envs.POOL_MAX_SIZE`                |             | 1       |
+| `app.envs.POOL_MIN_SIZE`                |             | 1       |
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
 Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,

diff --git a/pom.xml b/pom.xml
@@ -52,6 +52,18 @@
       <groupId>io.quarkus</groupId>
       <artifactId>quarkus-hibernate-validator</artifactId>
     </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-smallrye-health</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-micrometer-registry-prometheus</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-smallrye-openapi</artifactId>
+    </dependency>
     <dependency>
       <groupId>io.quarkus</groupId>
       <artifactId>quarkus-junit5</artifactId>