TEST-1234 Add actions

hwinther · Mar 27, 2024 · 6773513 · 6773513
1 parent 5109d7e
commit 6773513
Show file tree

Hide file tree

Showing 14 changed files with 943 additions and 0 deletions.
diff --git a/.github/actions/backend-deploy/action.yml b/.github/actions/backend-deploy/action.yml
@@ -0,0 +1,116 @@
+name: "Backend deploy"
+
+inputs:
+  deploy_target:
+    required: true
+    type: string
+    description: prod|qa|test|dev
+  repo_name:
+    required: true
+    type: string
+    description: main|qa|test|dev (repo name defined separate because main maps to prod)
+  labels:
+    required: true
+    type: string
+    description: labels from conditions in trigger workflow
+  base_name:
+    required: true
+    type: string
+    description: basil|gsi|login|ext
+  project_type:
+    required: true
+    type: string
+    description: function|app
+  dockerfile_path:
+    required: true
+    type: string
+    description: path to dockerfile
+  docker_image_name:
+    required: true
+    type: string
+    description: docker image name
+  azure_resource_name:
+    required: true
+    type: string
+    description: azure resource name
+  skip_setup:
+    required: false
+    default: false
+    type: bool
+    description: if true skips setting up .net and nuget package restore
+
+runs:
+  using: "composite"
+  steps:
+    - name: "Login via Azure CLI"
+      uses: azure/login@v1
+      with:
+        creds: ${{ env.AZURE_CREDENTIALS }}
+
+    - name: "Docker Login"
+      uses: azure/docker-login@v1
+      with:
+        login-server: ${{ env.DOCKER_REGISTRY_SERVER }}
+        username: ${{ env.DOCKER_REGISTRY_USERNAME }}
+        password: ${{ env.DOCKER_REGISTRY_PASSWORD }}
+
+    - name: Setup .NET
+      if: ${{ !inputs.skip_setup }}
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: ${{ env.DOTNET_VERSION }}
+
+    - uses: actions/cache@v3
+      if: ${{ !inputs.skip_setup }}
+      id: nuget-cache
+      with:
+        path: ~/.nuget/packages
+        key: nuget-${{ hashFiles('**/packages.lock.json') }}
+
+    - name: dotnet restore
+      if: ${{ !inputs.skip_setup }}
+      shell: bash
+      working-directory: ${{ env.BACKEND_SOLUTION_PATH }}
+      run: dotnet restore --locked-mode
+
+    - name: "Compose Customized Docker Image"
+      shell: bash
+      working-directory: ${{ env.BACKEND_SOLUTION_PATH }}
+      run: |
+        docker build . -f ${{ inputs.dockerfile_path }} -t ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }} -t ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:latest --build-arg VERSION=${{ env.VERSION }} --build-arg INFORMATIONAL_VERSION=${{ env.INFORMATIONAL_VERSION }}
+        docker push ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }}
+        docker push ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:latest
+
+    # Disse trengs kun første gang man deployer til et miljø
+    # TODO: terraform has to configure a web hook for each application first in order to skip this step, the web hook url is available from the app deployment center
+    - name: "Run Azure Functions Container Action"
+      uses: Azure/functions-container-action@v1
+      if: ${{ inputs.project_type == 'function' }}
+      id: fa
+      with:
+        app-name: ${{ inputs.azure_resource_name }}
+        image: ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }}
+
+    - name: "Deploy azure webapp"
+      uses: azure/webapps-deploy@v3
+      if: ${{ inputs.project_type == 'app' }}
+      id: webapps-deploy
+      with:
+        app-name: ${{ inputs.azure_resource_name }}
+        images: ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }}
+
+    - name: "Create or update deploy results PR comment"
+      uses: im-open/[email protected]
+      if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
+      with:
+        github-token: ${{ env.GH_TOKEN }}
+        comment-identifier: "${{ inputs.base_name }}-deploy-results"
+        comment-content: "🚀 Deployed with URL: ${{ steps.fa.outputs.app-url }}${{ steps.webapps-deploy.outputs.webapp-url }} from CR: ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }}"
+
+    - name: Annotate deploy results
+      shell: bash
+      run: 'echo "🚀 Deployed with URL: ${{ steps.fa.outputs.app-url }}${{ steps.webapps-deploy.outputs.webapp-url }} from CR: ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }}" >> $GITHUB_STEP_SUMMARY'
+
+    - name: Azure logout
+      shell: bash
+      run: az logout
diff --git a/.github/actions/platform-deploy/action.yml b/.github/actions/platform-deploy/action.yml
@@ -0,0 +1,83 @@
+name: "Backend deploy"
+
+inputs:
+  deploy_target:
+    required: true
+    type: string
+    description: prod|qa|test|dev
+  working_directory:
+    required: true
+    type: string
+    description: root folder where the main terraform plan resides, e.g. ./templates/terraform/
+  config_path:
+    required: true
+    type: string
+    description: .conf file relative to working_directory
+  var_path:
+    required: true
+    type: string
+    description: .var file path relative to working_directory
+
+runs:
+  using: "composite"
+  steps:
+    - name: Output Subscription Id
+      shell: bash
+      run: |
+        echo "ARM_SUBSCRIPTION_ID=$ARM_SUBSCRIPTION_ID"
+
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v3
+      with:
+        terraform_wrapper: false
+
+    - name: Terraform Init
+      working-directory: ${{ inputs.working_directory }}
+      shell: bash
+      run: terraform init -backend-config="${{ inputs.config_path }}"
+
+    - name: Terraform Plan
+      working-directory: ${{ inputs.working_directory }}
+      id: tf-plan
+      shell: bash
+      run: |
+        export exitcode=0
+        terraform plan -detailed-exitcode -no-color -out tfplan -var-file="${{ inputs.var_path }}" || export exitcode=$?
+        echo "exitcode=$exitcode" >> $GITHUB_OUTPUT
+        if [ $exitcode -eq 1 ]; then
+          echo Terraform Plan Failed!
+          exit 1
+        else 
+          echo Terraform Plan Successful!
+          exit 0
+        fi
+
+    - name: Create String Output
+      working-directory: ${{ inputs.working_directory }}
+      id: tf-plan-string
+      shell: bash
+      run: |
+        TERRAFORM_PLAN=$(terraform show -no-color tfplan)
+        delimiter="$(openssl rand -hex 8)"
+        echo "summary<<${delimiter}" >> $GITHUB_OUTPUT
+        echo "## Terraform Plan Output" >> $GITHUB_OUTPUT
+        echo "<details><summary>Click to expand</summary>" >> $GITHUB_OUTPUT
+        echo "" >> $GITHUB_OUTPUT
+        echo '```terraform' >> $GITHUB_OUTPUT
+        echo "$TERRAFORM_PLAN" >> $GITHUB_OUTPUT
+        echo '```' >> $GITHUB_OUTPUT
+        echo "</details>" >> $GITHUB_OUTPUT
+        echo "${delimiter}" >> $GITHUB_OUTPUT
+
+    - name: Publish Terraform Plan to Task Summary
+      working-directory: ${{ inputs.working_directory }}
+      env:
+        SUMMARY: ${{ steps.tf-plan-string.outputs.summary }}
+      shell: bash
+      run: |
+        echo "$SUMMARY" >> $GITHUB_STEP_SUMMARY
+
+    - name: Terraform Apply
+      working-directory: ${{ inputs.working_directory }}
+      shell: bash
+      run: terraform apply -auto-approve tfplan
diff --git a/.github/actions/rover-terraform-action/Dockerfile b/.github/actions/rover-terraform-action/Dockerfile
@@ -0,0 +1,5 @@
+FROM ghcr.io/hwinther-tietoevry/test-rover:latest
+
+# ADD entrypoint.sh /entrypoint.sh
+# ENTRYPOINT ["sh","/entrypoint.sh"]
+ENTRYPOINT ["/bin/rover"]
diff --git a/.github/actions/rover-terraform-action/Inner.Dockerfile b/.github/actions/rover-terraform-action/Inner.Dockerfile
@@ -0,0 +1,9 @@
+FROM im2nguyen/rover:v0.3.3
+
+# From https://github.com/Azure/azure-cli/issues/19591
+RUN apk add py3-pip
+RUN apk add gcc musl-dev python3-dev libffi-dev openssl-dev cargo make
+RUN pip install --upgrade pip
+RUN pip install azure-cli
+
+ENTRYPOINT ["/bin/rover"]
diff --git a/.github/actions/rover-terraform-action/LICENSE b/.github/actions/rover-terraform-action/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 James Cook
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/.github/actions/rover-terraform-action/README.md b/.github/actions/rover-terraform-action/README.md
@@ -0,0 +1,53 @@
+# GitHub Action - Rover Terraform Visualiser
+
+This is a GitHub Action to run Rover Terraform Visualiser and output standalone files. You can find the repository to [Rover here](https://github.com/im2nguyen/rover).
+
+## How to use
+
+You will need to create a workflow to checkout your repo:
+
+```yml
+- name: Checkout
+  uses: actions/checkout@v2
+```
+
+The you will need to specify the rover action:
+
+```yml
+- name: rover
+  uses: Official-James/rover-terraform-action@main
+```
+
+You will need to set enviornment variables so when Terraform initialises, it can access the backend and any variables specified. You can achieve this by doing the following:
+
+```yml
+- name: rover
+  uses: Official-James/rover-terraform-action@main
+  env:
+    ARM_CLIENT_ID: ***
+    ARM_CLIENT_SECRET: ***
+    ARM_SUBSCRIPTION_ID: ***
+    ARM_TENANT_ID: ***
+```
+
+The above is an example of environment variables for Azure. This will be different for each provider.
+
+The final step in the workflow will be the artifacting of the standalone files. You can achieve this by uploading the files:
+
+```yml
+- name: Upload rover Artifact
+  uses: actions/[email protected]
+  with:
+    name: rover
+    path: "./rover.zip"
+```
+
+Once you run the workflow, the actions will upload the artifacts and make them available within the run.
+
+## Special Thanks
+
+Special thanks to the contributors of [Rover](https://github.com/im2nguyen/rover).
+
+## Reporting Issues
+
+Please be aware that this is not the project for Rover. This repoistory is to run Rover as a GitHub Action. Any bugs with the action, report it as an issue here. Anything else should be reported to the [Rover repo](https://github.com/im2nguyen/rover).
diff --git a/.github/actions/rover-terraform-action/action.yml b/.github/actions/rover-terraform-action/action.yml
@@ -0,0 +1,9 @@
+name: Rover Terraform Action
+description: Run rover standalone to output results.
+branding:
+  icon: map
+  color: black
+
+runs:
+  using: "docker"
+  image: "Dockerfile"
diff --git a/.github/actions/rover-terraform-action/entrypoint.sh b/.github/actions/rover-terraform-action/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+rover -standalone true