Merge pull request #312 from bcgov/psalssync-emailverify4 #174
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Static Deploy On Openshift | |
| # Builds and Deploys merged PR's to persistent pods/services/routes/etc in the OpenShift Dev environment. | |
| name: Deploy on Openshift | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| - test | |
| - prod | |
| jobs: | |
| #Print variables for logging and debugging purposes | |
| checkEnv: | |
| name: Check Env variables | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Print Env Vars | |
| run: | | |
| echo Git Base Ref: ${{ github.base_ref }} | |
| echo Git Build ID: ${{ github.event.number }} | |
| echo Git Pull Request Ref: ${{ github.event.pull_request.head.sha }} | |
| echo OC CLI Version: $(oc version) | |
| echo Git Branch name: ${{ github.ref_name }} | |
| #Build the app | |
| build: | |
| name: Build APP | |
| runs-on: ubuntu-latest | |
| if: github.ref_name == 'dev' || github.ref_name == 'test' || github.ref_name == 'prod' | |
| env: | |
| BUILD_ID: ${{ github.event.number }} | |
| BUILD_NAMESPACE: 950003-tools | |
| BRANCH: ${{ github.ref_name }} | |
| BUILD_TAG: ${{ github.ref_name }} | |
| APP: moodle | |
| DB_BACKUP_APP: db-backup | |
| steps: | |
| # Checkout the PR branch | |
| - name: Print env | |
| run: | | |
| echo BUILD ID: $BUILD_ID | |
| echo BUILD NAMESPACE: $BUILD_NAMESPACE | |
| echo BRANCH: $BRANCH | |
| - name: Checkout Target Branch | |
| uses: actions/checkout@v1 | |
| # Log in to OpenShift. | |
| # Note: The secrets needed to log in are NOT available if the PR comes from a FORK. | |
| # PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail. | |
| - name: Log in to OpenShift | |
| run: | | |
| oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443 | |
| # Build the app images | |
| - name: Build App images | |
| working-directory: "./openshift/app" | |
| run: | | |
| test -n "${BRANCH}" | |
| test -n "${BUILD_NAMESPACE}" | |
| echo "BUILIDING ${APP} with tag: ${BUILD_TAG}" | |
| oc -n ${BUILD_NAMESPACE} process -f docker-build.yml \ | |
| -p TAG=${BUILD_TAG} \ | |
| -p SOURCE_REPOSITORY_REF=${BRANCH} \ | |
| -p BASE_IMAGE_NAME="php" \ | |
| -p BASE_IMAGE_TAG="7.4-apache" \ | |
| -p SITE_URL="https://moodle-950003-${BUILD_TAG}.apps.silver.devops.gov.bc.ca" \ | |
| -p BASE_IMAGE_REPO="aro.jfrog.io/moodle/" \ | |
| -p GITHUB_AUTH_TOKEN=${{ secrets.AUTH_TOKEN }} \ | |
| -p DB_HOST="mysql-0.mysql" \ | |
| -p DB_PASSWORD="${{ secrets.DB_PASSWORD_ESCAPED }}" \ | |
| -p DB_USER="moodle" \ | |
| -p DB_NAME="moodle" \ | |
| -p SOURCE_CONTEXT_DIR=. \ | |
| -p NAME=${APP} | oc -n ${BUILD_NAMESPACE} apply -f - | |
| oc -n ${BUILD_NAMESPACE} start-build bc/${APP} --no-cache --wait | |
| # Deploy App images in Dev | |
| deployDev: | |
| name: Deploy APP to Dev environment | |
| runs-on: ubuntu-latest | |
| if: github.ref_name == 'dev' | |
| env: | |
| BUILD_ID: ${{ github.event.number }} | |
| CRON_PASSWORD: ${{ secrets.CRON_PASSWORD }} | |
| NAMESPACE: 950003-dev | |
| BUILD_NAMESPACE: 950003-tools | |
| BRANCH: ${{ github.ref_name }} | |
| APP: moodle | |
| APP_HOST: moodle-950003-dev.apps.silver.devops.gov.bc.ca | |
| DB_BACKUP_APP: db-backup | |
| DB_NAME: moodle | |
| needs: | |
| - build | |
| steps: | |
| - name: Checkout Target Branch | |
| uses: actions/checkout@v1 | |
| # Log in to OpenShift. | |
| # Note: The secrets needed to log in are NOT available if the PR comes from a FORK. | |
| # PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail. | |
| - name: Log in to OpenShift | |
| run: | | |
| oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443 | |
| - name: Deploy APP | |
| run: | | |
| test -n "${NAMESPACE}" | |
| test -n "${BUILD_NAMESPACE}" | |
| test -n "${BRANCH}" | |
| echo "Current namespace is ${NAMESPACE}" | |
| oc -n ${NAMESPACE} process -f openshift/app/moodle-dc-persistent-template.json \ | |
| -p APP_NAME=${APP} \ | |
| -p SITE_URL=${APP_HOST} \ | |
| -p DB_HOST=mysql-0.mysql \ | |
| -p DB_SECONDARY_NAME=mysql-read \ | |
| -p MOODLE_MEMORY_LIMIT=4Gi \ | |
| -p PROJECT_NAMESPACE=950003-dev \ | |
| -p DB_SERVICE_NAME=mysql-0.mysql \ | |
| -p MOODLE_VOLUME_CAPACITY=10Gi \ | |
| -p BACKUP_VOLUME_SIZE=25Gi \ | |
| -p DB_NAME=moodle \ | |
| -p DB_USER=moodle \ | |
| -p HTTP_PORT=8080 \ | |
| -p DB_PORT=3306 \ | |
| -p APACHE_DOCUMENT_ROOT="/vendor/moodle/moodle" \ | |
| -p SITE_NAME=Moodle \ | |
| -p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \ | |
| -p GIT_PROJECT=moodle \ | |
| -p MOODLE_DATA_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p MOODLE_DATA_MOUNT_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p BUILD_NAMESPACE="950003-tools" \ | |
| -p IMAGE_STREAM_TAG="moodle:dev" \ | |
| -p GIT_URL="https://github.com/moodle/moodle.git" \ | |
| -p GIT_TAG=openshift \ | |
| -p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" \ | |
| -p CRON_PASSWORD="${{ secrets.CRON_PASSWORD }}" | \ | |
| oc -n ${NAMESPACE} apply -f - | |
| oc rollout latest dc/moodle -n ${NAMESPACE} | |
| # Check deployment rollout status every 10 seconds (max 10 minutes) until complete. | |
| ATTEMPTS=0 | |
| ROLLOUT_STATUS_CMD="oc rollout status dc/moodle -n ${NAMESPACE}" | |
| until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do | |
| $ROLLOUT_STATUS_CMD | |
| ATTEMPTS=$((attempts + 1)) | |
| sleep 10 | |
| done | |
| oc project ${NAMESPACE} | |
| echo "Listing pods.." | |
| oc get pods|grep moodle | |
| for name in $podNames; do | |
| oc exec $podNames -- bash -c " | |
| cat <<- EOF > .env | |
| DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| SSL_PROXY=true | |
| SITE_URL=https://moodle-950003-dev.apps.silver.devops.gov.bc.ca | |
| DB_HOST=mysql-0.mysql | |
| `EOF` " | |
| done | |
| export ROUTE="$(oc get route moodle -o jsonpath='{.spec.host}')" | |
| echo "${APP} is exposed at 'https://'${ROUTE}" | |
| # Deploy App images in Test | |
| deployTest: | |
| name: Deploy APP to Test environment | |
| runs-on: ubuntu-latest | |
| if: github.ref_name == 'test' | |
| env: | |
| BUILD_ID: ${{ github.event.number }} | |
| CRON_PASSWORD: ${{ secrets.CRON_PASSWORD }} | |
| NAMESPACE: 950003-test | |
| BUILD_NAMESPACE: 950003-tools | |
| BRANCH: ${{ github.ref_name }} | |
| APP: moodle | |
| APP_HOST: moodle-950003-test.apps.silver.devops.gov.bc.ca | |
| DB_BACKUP_APP: db-backup | |
| DB_NAME: moodle | |
| needs: | |
| - build | |
| steps: | |
| - name: Checkout Target Branch | |
| uses: actions/checkout@v1 | |
| # Log in to OpenShift. | |
| # Note: The secrets needed to log in are NOT available if the PR comes from a FORK. | |
| # PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail. | |
| - name: Log in to OpenShift | |
| run: | | |
| oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443 | |
| - name: Deploy APP | |
| run: | | |
| test -n "${NAMESPACE}" | |
| test -n "${BUILD_NAMESPACE}" | |
| test -n "${BRANCH}" | |
| echo "Current namespace is ${NAMESPACE}" | |
| oc -n ${NAMESPACE} process -f openshift/app/moodle-dc-persistent-template.json \ | |
| -p APP_NAME=${APP} \ | |
| -p SITE_URL=${APP_HOST} \ | |
| -p DB_HOST=mysql-0.mysql \ | |
| -p DB_SECONDARY_NAME=mysql-read \ | |
| -p MOODLE_MEMORY_LIMIT=6Gi \ | |
| -p PROJECT_NAMESPACE=950003-test\ | |
| -p DB_SERVICE_NAME=mysql-0.mysql \ | |
| -p MOODLE_VOLUME_CAPACITY=10Gi \ | |
| -p BACKUP_VOLUME_SIZE=25Gi \ | |
| -p DB_NAME=moodle \ | |
| -p DB_USER=moodle \ | |
| -p HTTP_PORT=8080 \ | |
| -p DB_PORT=3306 \ | |
| -p APACHE_DOCUMENT_ROOT="/vendor/moodle/moodle" \ | |
| -p SITE_NAME=Moodle \ | |
| -p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \ | |
| -p GIT_PROJECT=moodle \ | |
| -p MOODLE_DATA_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p MOODLE_DATA_MOUNT_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p BUILD_NAMESPACE="950003-tools" \ | |
| -p IMAGE_STREAM_TAG="moodle:test" \ | |
| -p GIT_URL="https://github.com/moodle/moodle.git" \ | |
| -p GIT_TAG=openshift \ | |
| -p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" \ | |
| -p CRON_PASSWORD="${{ secrets.CRON_PASSWORD }}" | \ | |
| oc -n ${NAMESPACE} apply -f - | |
| oc rollout latest dc/moodle -n ${NAMESPACE} | |
| # Check deployment rollout status every 10 seconds (max 10 minutes) until complete. | |
| ATTEMPTS=0 | |
| ROLLOUT_STATUS_CMD="oc rollout status dc/moodle -n ${NAMESPACE}" | |
| until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do | |
| $ROLLOUT_STATUS_CMD | |
| ATTEMPTS=$((attempts + 1)) | |
| sleep 10 | |
| done | |
| oc project ${NAMESPACE} | |
| echo "Listing pods.." | |
| oc get pods|grep moodle | |
| sleep 30 | |
| oc get pods -l deploymentconfig=moodle --field-selector=status.phase=Running -o name | |
| sleep 20 | |
| podNames=$(oc get pods -l deploymentconfig=moodle --field-selector=status.phase=Running -o name) | |
| pwd | |
| ls -lrt .env | |
| echo $podNames | |
| for name in $podNames; do | |
| oc exec $podNames -- bash -c " | |
| cat <<- EOF > .env | |
| DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| SSL_PROXY=true | |
| SITE_URL=https://moodle-950003-test.apps.silver.devops.gov.bc.ca | |
| DB_HOST=mysql-0.mysql | |
| `EOF` " | |
| done | |
| export ROUTE="$(oc get route moodle -o jsonpath='{.spec.host}')" | |
| echo "${APP} is exposed at 'https://'${ROUTE}" | |
| # Deploy App images in Prod | |
| deployProd: | |
| name: Deploy APP to Prod environment | |
| runs-on: ubuntu-latest | |
| if: github.ref_name == 'prod' | |
| env: | |
| BUILD_ID: ${{ github.event.number }} | |
| CRON_PASSWORD: ${{ secrets.CRON_PASSWORD }} | |
| NAMESPACE: 950003-prod | |
| BUILD_NAMESPACE: 950003-tools | |
| BRANCH: ${{ github.ref_name }} | |
| APP: moodle | |
| APP_HOST: moodle-950003-prod.apps.silver.devops.gov.bc.ca | |
| DB_BACKUP_APP: db-backup | |
| DB_NAME: moodle | |
| needs: | |
| - build | |
| steps: | |
| - name: Checkout Target Branch | |
| uses: actions/checkout@v1 | |
| # Log in to OpenShift. | |
| # Note: The secrets needed to log in are NOT available if the PR comes from a FORK. | |
| # PR's must originate from a branch off the original repo or else all openshift `oc` commands will fail. | |
| - name: Log in to OpenShift | |
| run: | | |
| oc login --token=${{ secrets.SA_TOKEN }} --server=https://api.silver.devops.gov.bc.ca:6443 | |
| - name: Deploy APP | |
| run: | | |
| test -n "${NAMESPACE}" | |
| test -n "${BUILD_NAMESPACE}" | |
| test -n "${BRANCH}" | |
| echo "Current namespace is ${NAMESPACE}" | |
| oc -n ${NAMESPACE} process -f openshift/app/moodle-dc-persistent-template.json \ | |
| -p APP_NAME=${APP} \ | |
| -p SITE_URL=${APP_HOST} \ | |
| -p DB_HOST=mysql-0.mysql \ | |
| -p DB_SECONDARY_NAME=mysql-read \ | |
| -p MOODLE_MEMORY_LIMIT=4Gi \ | |
| -p PROJECT_NAMESPACE=950003-prod\ | |
| -p DB_SERVICE_NAME=mysql-0.mysql \ | |
| -p MOODLE_VOLUME_CAPACITY=10Gi \ | |
| -p BACKUP_VOLUME_SIZE=15Gi \ | |
| -p DB_NAME=moodle \ | |
| -p DB_USER=moodle \ | |
| -p HTTP_PORT=8080 \ | |
| -p DB_PORT=3306 \ | |
| -p APACHE_DOCUMENT_ROOT="/vendor/moodle/moodle" \ | |
| -p SITE_NAME=Moodle \ | |
| -p DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \ | |
| -p GIT_PROJECT=moodle \ | |
| -p MOODLE_DATA_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p MOODLE_DATA_MOUNT_PATH="/vendor/moodle/moodledata/persistent" \ | |
| -p BUILD_NAMESPACE="950003-tools" \ | |
| -p IMAGE_STREAM_TAG="moodle:prod" \ | |
| -p GIT_URL="https://github.com/moodle/moodle.git" \ | |
| -p GIT_TAG=openshift \ | |
| -p GITHUB_AUTH_TOKEN="${{ secrets.AUTH_TOKEN }}" \ | |
| -p CRON_PASSWORD="${{ secrets.CRON_PASSWORD }}" | \ | |
| oc -n ${NAMESPACE} apply -f - | |
| oc rollout latest dc/moodle -n ${NAMESPACE} | |
| # Check deployment rollout status every 10 seconds (max 10 minutes) until complete. | |
| ATTEMPTS=0 | |
| ROLLOUT_STATUS_CMD="oc rollout status dc/moodle -n ${NAMESPACE}" | |
| until $ROLLOUT_STATUS_CMD || [ $ATTEMPTS -eq 60 ]; do | |
| $ROLLOUT_STATUS_CMD | |
| ATTEMPTS=$((attempts + 1)) | |
| sleep 10 | |
| done | |
| oc project ${NAMESPACE} | |
| echo "Listing pods.." | |
| oc get pods|grep moodle | |
| sleep 30 | |
| oc get pods -l deploymentconfig=moodle --field-selector=status.phase=Running -o name | |
| sleep 20 | |
| podNames=$(oc get pods -l deploymentconfig=moodle --field-selector=status.phase=Running -o name) | |
| pwd | |
| ls -lrt .env | |
| echo $podNames | |
| for name in $podNames; do | |
| oc exec $podNames -- bash -c " | |
| cat <<- EOF > .env | |
| DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| SSL_PROXY=true | |
| SITE_URL=https://moodle-950003-prod.apps.silver.devops.gov.bc.ca | |
| DB_HOST=mysql-0.mysql | |
| `EOF` " | |
| done | |
| export ROUTE="$(oc get route moodle -o jsonpath='{.spec.host}')" | |
| echo "${APP} is exposed at 'https://'${ROUTE}" |