chore(SER-3309): Refactor GA deployment jobs to avoid duplicationg env variables #428
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | ||
| name: build pipeline | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| - main | ||
| - develop | ||
| - release/* | ||
| pull_request: | ||
| branches: | ||
| - master | ||
| - main | ||
| - develop | ||
| - 'release/*' | ||
| env: | ||
| SHOULD_PUBLISH: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/develop' || startsWith(github.ref , 'refs/heads/release') }} | ||
| IS_RELEASE: ${{ github.ref == 'refs/heads/master' }} | ||
| ARTIFACT_NAME: fineract-frontend-v2 | ||
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | ||
| jobs: | ||
| # This workflow contains a single job called "build" | ||
| build: | ||
| # The type of runner that the job will run on | ||
| name: Build and Deploy | ||
| runs-on: ubuntu-latest | ||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| - name: Checkout Repository | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| fetch-tags: true | ||
| show-progress: false | ||
| - name: Setup Node.js to use | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 18 | ||
| - name: Angular CLI install | ||
| run: npm install -g --silent @angular/[email protected] | ||
| - name: Set image tag & other env variables | ||
| run: | | ||
| VERSION_TAG=$(sed 's/.*"version": "\(.*\)".*/\1/;t;d' ./package.json) | ||
| echo "VERSION_TAG=$VERSION_TAG" | ||
| echo "Is Release=$IS_RELEASE" | ||
| if [ $IS_RELEASE == 'true' ]; then | ||
| echo "This is a release" | ||
| IMAGE_TAGS=$VERSION_TAG | ||
| else | ||
| echo "This is a normal build" | ||
| IMAGE_TAGS="${VERSION_TAG}.$(date '+%Y.%m.%d').${{ github.run_number }}" | ||
| fi | ||
| echo "Tags: $IMAGE_TAGS" | ||
| echo "VERSION_TAG=$VERSION_TAG" >> $GITHUB_ENV | ||
| echo "IMAGE_TAGS=$IMAGE_TAGS" >> $GITHUB_ENV | ||
| - name: Install Node Packages | ||
| run: npm install | ||
| - name: Docker build | ||
| uses: docker/[email protected] | ||
| with: | ||
| push: false | ||
| tags: oaftech.azurecr.io/oneacrefund/fineract-frontend-v2:${{ env.IMAGE_TAGS }} | ||
| context: ${{ github.workspace }} | ||
| - name: Login to Azure registry | ||
| uses: docker/[email protected] | ||
| if: ${{ env.SHOULD_PUBLISH == 'true'}} | ||
| with: | ||
| registry: oaftech.azurecr.io | ||
| username: ${{ vars.ACR_PULL_USERNAME }} | ||
| password: ${{ secrets.ACR_PULL_PASSWORD }} | ||
| - name: Push an image to container registry | ||
| if: ${{ env.SHOULD_PUBLISH == 'true'}} | ||
| run: docker push oaftech.azurecr.io/oneacrefund/fineract-frontend-v2:${{ env.IMAGE_TAGS }} | ||
| - name: Use latest image tag | ||
| run: yq -i '.image.tag = "${{ env.IMAGE_TAGS }}"' ${{ github.workspace }}/deployment/values.yaml | ||
| - name: Publish configuration package | ||
| uses: actions/[email protected] | ||
| if: ${{ env.SHOULD_PUBLISH == 'true'}} | ||
| with: | ||
| name: fineract-frontend-v2 | ||
| path: ${{ github.workspace }}/deployment | ||
| sonarcloud: | ||
| name: Sonarcloud analyze | ||
| runs-on: ubuntu-latest | ||
| environment: dev | ||
| steps: | ||
| - name: Checkout Repository | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| fetch-tags: true | ||
| show-progress: false | ||
| - uses: actions/setup-node@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Install dependencies | ||
| run: npm install | ||
| - name: Run Lint and Unit Tests | ||
| continue-on-error: true | ||
| run: npm run test:ci | ||
| - name: Test and coverage | ||
| continue-on-error: true | ||
| run: npm run test:cov | ||
| - name: SonarCloud Scan | ||
| uses: SonarSource/sonarcloud-github-action@master | ||
| env: | ||
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
| SONAR_TOKEN: "${{ secrets.SONAR_TOKEN }}" | ||
| ## Deploy to the various clusters | ||
| Integration-k8s: | ||
| if: github.event.ref == 'refs/heads/develop' | ||
| needs: [build, sonarcloud] | ||
| uses: ./.github/workflows/deploy.yml | ||
| with: | ||
| environment: "Integration" | ||
| k8s_url: "${{ secrets.K8S_TEST_URL }}" | ||
|
Check failure on line 132 in .github/workflows/build.yml
|
||
| k8s_secret: "${{ secrets.K8S_TEST_DEFAULT }}" | ||
| QA-k8s: | ||
| needs: Integration-k8s | ||
| if: github.event.ref == 'refs/heads/develop' | ||
| uses: ./.github/workflows/deploy.yml | ||
| with: | ||
| environment: "QA" | ||
| k8s_url: "${{ secrets.K8S_QA_URL }}" | ||
| k8s_secret: "${{ secrets.K8S_QA_DEFAULT }}" | ||
| UAT-k8s: | ||
| runs-on: ubuntu-latest | ||
| if: github.event.ref == 'refs/heads/main' || contains(github.event.ref, 'refs/heads/hotfix/') || contains(github.event.ref, 'refs/heads/release/') | ||
| needs: [build, sonarcloud] | ||
| environment: | ||
| name: UAT | ||
| steps: | ||
| - uses: actions/[email protected] | ||
| - uses: one-acre-fund/oaf-actions/helm_setup@main | ||
| with: | ||
| ARTIFACT_NAME: "fineract-frontend-v2" | ||
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
| RUN_ID: "${{ github.run_id }}" | ||
| CI_REPOSITORY: "${{ github.repository }}" | ||
| K8S_URL: "${{ secrets.K8S_UAT_URL }}" | ||
| K8S_SECRET: "${{ secrets.K8S_UAT_DEFAULT }}" | ||
| - uses: "./.github/actions/helm_fineract_frontend" | ||
| with: | ||
| NAMESPACE: "${{ vars.NAMESPACE }}" | ||
| ACR_PULL_PASSWORD: "${{ secrets.ACR_PULL_PASSWORD }}" | ||
| ACR_PULL_USERNAME: "${{ vars.ACR_PULL_USERNAME }}" | ||
| REPLICAS: "${{ vars.REPLICAS }}" | ||
| RELEASE_NAME: "${{ vars.RELEASE_NAME }}" | ||
| FINERACT_PROXY_URL: "${{ vars.FINERACT_PROXY_URL }}" | ||
| FINERACT_PROXY_HTTPS_PORT: "${{ vars.FINERACT_PROXY_HTTPS_PORT }}" | ||
| FINERACT_PROXY_HTTP_PORT: "${{ vars.FINERACT_PROXY_HTTP_PORT }}" | ||
| FINERACT_KEYCLOAK_REALM: "${{ vars.FINERACT_KEYCLOAK_REALM }}" | ||
| FINERACT_KEYCLOAK_CLIENT_ID: "${{ vars.FINERACT_KEYCLOAK_CLIENT_ID }}" | ||
| FINERACT_KEYCLOAK_TOKEN_URL: "${{ vars.FINERACT_KEYCLOAK_TOKEN_URL }}" | ||
| FINERACT_KEYCLOAK_AUTH_SERVER_URL: "${{ vars.FINERACT_KEYCLOAK_AUTH_SERVER_URL }}" | ||
| FINERACT_KEYCLOAK_API_URL: "${{ vars.FINERACT_KEYCLOAK_API_URL }}" | ||
| FINERACT_HOST_HOME_URL: "${{ vars.FINERACT_HOST_HOME_URL }}" | ||
| FINERACT_BASE_URL: "${{ vars.FINERACT_BASE_URL }}" | ||
| FINERACT_AUTH_URL: "${{ vars.FINERACT_AUTH_URL }}" | ||
| FINERACT_API_URL: "${{ vars.FINERACT_API_URL }}" | ||
| MATOMO_SITE_ID: "${{ vars.MATOMO_SITE_ID }}" | ||
| MATOMO_SITE_URL: "${{ vars.MATOMO_SITE_URL }}" | ||
| Prod-k8s: | ||
| runs-on: ubuntu-latest | ||
| needs: UAT-k8s | ||
| if: github.event.ref == 'refs/heads/main' || contains(github.event.ref, 'refs/heads/hotfix/') || contains(github.event.ref, 'refs/heads/release/') | ||
| environment: | ||
| name: Production | ||
| steps: | ||
| - uses: actions/[email protected] | ||
| - uses: one-acre-fund/oaf-actions/helm_setup@main | ||
| with: | ||
| ARTIFACT_NAME: "fineract-frontend-v2" | ||
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
| RUN_ID: "${{ github.run_id }}" | ||
| CI_REPOSITORY: "${{ github.repository }}" | ||
| K8S_URL: "${{ secrets.K8S_PROD_URL }}" | ||
| K8S_SECRET: "${{ secrets.K8S_PROD_DEFAULT }}" | ||
| # - name: Start Maintenance Window | ||
| # id: start_maintenance | ||
| # uses: one-acre-fund/[email protected] | ||
| # with: | ||
| # UPTIME_USERNAME: ${{ secrets.UPTIME_USERNAME }} | ||
| # UPTIME_PASSWORD: ${{ secrets.UPTIME_PASSWORD }} | ||
| # UPTIME_API_URL: ${{ vars.UPTIME_API_URL }} | ||
| # MAINTENANCE_TITLE: "Service Deployment" | ||
| # MONITOR_ID: ${{ vars.MONITOR_ID }} | ||
| # MONITOR_NAME: ${{ vars.MONITOR_NAME }} | ||
| - uses: "./.github/actions/helm_fineract_frontend" | ||
| with: | ||
| NAMESPACE: "${{ vars.NAMESPACE }}" | ||
| ACR_PULL_PASSWORD: "${{ secrets.ACR_PULL_PASSWORD }}" | ||
| ACR_PULL_USERNAME: "${{ vars.ACR_PULL_USERNAME }}" | ||
| REPLICAS: "${{ vars.REPLICAS }}" | ||
| RELEASE_NAME: "${{ vars.RELEASE_NAME }}" | ||
| FINERACT_PROXY_URL: "${{ vars.FINERACT_PROXY_URL }}" | ||
| FINERACT_PROXY_HTTPS_PORT: "${{ vars.FINERACT_PROXY_HTTPS_PORT }}" | ||
| FINERACT_PROXY_HTTP_PORT: "${{ vars.FINERACT_PROXY_HTTP_PORT }}" | ||
| FINERACT_KEYCLOAK_REALM: "${{ vars.FINERACT_KEYCLOAK_REALM }}" | ||
| FINERACT_KEYCLOAK_CLIENT_ID: "${{ vars.FINERACT_KEYCLOAK_CLIENT_ID }}" | ||
| FINERACT_KEYCLOAK_TOKEN_URL: "${{ vars.FINERACT_KEYCLOAK_TOKEN_URL }}" | ||
| FINERACT_KEYCLOAK_AUTH_SERVER_URL: "${{ vars.FINERACT_KEYCLOAK_AUTH_SERVER_URL }}" | ||
| FINERACT_KEYCLOAK_API_URL: "${{ vars.FINERACT_KEYCLOAK_API_URL }}" | ||
| FINERACT_HOST_HOME_URL: "${{ vars.FINERACT_HOST_HOME_URL }}" | ||
| FINERACT_BASE_URL: "${{ vars.FINERACT_BASE_URL }}" | ||
| FINERACT_AUTH_URL: "${{ vars.FINERACT_AUTH_URL }}" | ||
| FINERACT_API_URL: "${{ vars.FINERACT_API_URL }}" | ||
| MATOMO_SITE_ID: "${{ vars.MATOMO_SITE_ID }}" | ||
| MATOMO_SITE_URL: "${{ vars.MATOMO_SITE_URL }}" | ||
| # - name: Delete Maintenance Window | ||
| # uses: one-acre-fund/[email protected] | ||
| # with: | ||
| # UPTIME_USERNAME: ${{ secrets.UPTIME_USERNAME }} | ||
| # UPTIME_PASSWORD: ${{ secrets.UPTIME_PASSWORD }} | ||
| # UPTIME_API_URL: ${{ vars.UPTIME_API_URL }} | ||
| # MAINTENANCE_ID: ${{ steps.start_maintenance.outputs.maintenance_id }} | ||
