Skip to content

Merge pull request #412 from bcgov/dependabot/nuget/src/backend/Seril… #1024

Merge pull request #412 from bcgov/dependabot/nuget/src/backend/Seril…

Merge pull request #412 from bcgov/dependabot/nuget/src/backend/Seril… #1024

Workflow file for this run

name: CSRS API Build and Deployment
on:
push:
branches:
- 'main'
# as per https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#onpushpull_requestbranchestags
paths:
- 'src/backend/**'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
inputs:
api:
description: 'api Name (jag-csrs-api)'
required: true
default: jag-csrs-api
env:
description: 'Image Target Env'
required: true
default: 'dev'
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build-push-image:
# The type of runner that the job will run on
runs-on: ubuntu-latest
environment: ${{ github.event.inputs.env }}
env:
api: ${{github.event.inputs.api}}
env: ${{github.event.inputs.env}}
api_from_gh_secret: ${{ secrets.API_NAME }}
env_from_gh_secret: ${{secrets.OPENSHIFT_ENV_TAG}}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Git Checkout
uses: actions/checkout@v2
# Get Git latest short Sha# from the release branch used. This Sha# will be used in image tagging as well as DC Pod labelling.
- name: Get git commit short sha
id: sha
run: |
shortSha=$(echo $(git rev-parse --short HEAD) | cut -c1-7)
echo "gitsha=$shortSha" >> $GITHUB_ENV
- name: env variables
run: |
if [[ -z "$api" ]]; then
echo "api=$api_from_gh_secret" >> $GITHUB_ENV
fi
if [[ -z "$env" ]]; then
echo "env=$env_from_gh_secret" >> $GITHUB_ENV
fi
- name: print env variables
run: |
echo "Release API: ${{ env.api }}"
echo "Release Environment: ${{ env.env }}"
echo "Release Git Sha: ${{env.gitsha}}"
#Login to OpenShift Container Repository
- name: Login to OpenShift Container Repository
uses: docker/login-action@v1
with:
registry: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}}
username: ${{secrets.OPENSHIFT_BUILDER_SA_USERNAME}}
password: ${{secrets.OPENSHIFT_BUILDER_SA_PASSWORD}}
#Build and push image to OpenShift Image stream
#Yet to add additional check that push happens only on successful test execution
- name: Build & Push Image to Openshift Image Stream
env:
COMPOSE_DOCKER_CLI_BUILD: 1
DOCKER_BUILDKIT: 1
CONTEXT: ./src/backend
#Right now do not have enough permission to manipulate RBAC, creating imagestream under tools and then using that from dev, test, prod
IMAGE: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}}/${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{env.env}}/${{env.api}}:${{env.env}}
run: |
docker build -f ./src/backend/Dockerfile.rhel8 \
--tag ${IMAGE} \
${CONTEXT}
docker push ${IMAGE}