Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI/CD update for PPR API and MHR API. #2080

Merged
merged 5 commits into from
Dec 10, 2024
Merged

CI/CD update for PPR API and MHR API. #2080

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
50308fa
CI/CD update for PPR API and MHR API.
pwei1018 Dec 10, 2024
bfabaec
Update vaults.
pwei1018 Dec 10, 2024
ac5148d
Merge branch 'main' into main
pwei1018 Dec 10, 2024
cbd8cb2
fixed config name issue.
pwei1018 Dec 10, 2024
cf4526c
Merge branch 'main' of https://github.com/pwei1018/ppr into main
pwei1018 Dec 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions .github/workflows/mhr-api-cd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: MHR API CD

on:
push:
branches:
- main
- feature*
- hotfix*
paths:
- "mhr-api/**"
workflow_dispatch:
inputs:
target:
description: "Deploy To"
required: true
type: choice
options:
- dev
- test
- sandbox
- prod

jobs:
mhr-api-cd:
uses: bcgov/bcregistry-sre/.github/workflows/backend-cd.yaml@main
with:
target: ${{ inputs.target }}
app_name: "mhr-api"
working_directory: "./mhr-api"
secrets:
WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }}
GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}
20 changes: 20 additions & 0 deletions .github/workflows/mhr-api-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: MHR API CI

on:
pull_request:
paths:
- "mhr-api/**"
workflow_dispatch:

defaults:
run:
shell: bash
working-directory: ./mhr-api

jobs:
mhr-api-ci:
uses: bcgov/bcregistry-sre/.github/workflows/backend-ci.yaml@main
with:
app_name: "mhr-api"
working_directory: "./mhr-api"
codecov_flag: "mhrapi"
119 changes: 19 additions & 100 deletions .github/workflows/ppr-api-cd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,110 +4,29 @@ on:
push:
branches:
- main
- feature*
- hotfix*
paths:
- "ppr-api/**"
workflow_dispatch:
inputs:
environment:
description: "Environment (dev/test/prod)"
target:
description: "Deploy To"
required: true
default: "dev"

defaults:
run:
shell: bash
working-directory: ./ppr-api

env:
APP_NAME: "ppr-api"
TAG_NAME: "dev"
type: choice
options:
- dev
- test
- sandbox
- prod

jobs:
ppr-api-cd-by-push:
runs-on: ubuntu-20.04

if: github.event_name == 'push' && github.repository == 'bcgov/ppr'
environment:
name: "dev"

steps:
- uses: actions/checkout@v3

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: CD Flow
shell: bash
env:
OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }}
OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }}
OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }}
OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }}
OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }}
TAG_NAME: ${{ env.TAG_NAME }}
run: |
make cd

- name: Watch new rollout (trigger by image change in Openshift)
shell: bash
run: |
oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w

- name: Rocket.Chat Notification
uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master
if: failure()
with:
type: ${{ job.status }}
job_name: "*PPR API Built and Deployed to ${{env.TAG_NAME}}*"
channel: "#registries-bot"
url: ${{ secrets.ROCKETCHAT_WEBHOOK }}
commit: true
token: ${{ secrets.GITHUB_TOKEN }}

ppr-api-cd-by-dispatch:
runs-on: ubuntu-20.04

if: github.event_name == 'workflow_dispatch' && github.repository == 'bcgov/ppr'
environment:
name: "${{ github.event.inputs.environment }}"

steps:
- uses: actions/checkout@v3
- name: Set env by input
run: |
echo "TAG_NAME=${{ github.event.inputs.environment }}" >> $GITHUB_ENV

- name: Login Openshift
shell: bash
run: |
oc login --server=${{secrets.OPENSHIFT4_LOGIN_REGISTRY}} --token=${{secrets.OPENSHIFT4_SA_TOKEN}}

- name: CD Flow
shell: bash
env:
OPS_REPOSITORY: ${{ secrets.OPS_REPOSITORY }}
OPENSHIFT_DOCKER_REGISTRY: ${{ secrets.OPENSHIFT4_DOCKER_REGISTRY }}
OPENSHIFT_SA_NAME: ${{ secrets.OPENSHIFT4_SA_NAME }}
OPENSHIFT_SA_TOKEN: ${{ secrets.OPENSHIFT4_SA_TOKEN }}
OPENSHIFT_REPOSITORY: ${{ secrets.OPENSHIFT4_REPOSITORY }}
TAG_NAME: ${{ env.TAG_NAME }}
run: |
make cd

- name: Watch new rollout (trigger by image change in Openshift)
shell: bash
run: |
oc rollout status dc/${{ env.APP_NAME }}-${{ env.TAG_NAME }} -n ${{ secrets.OPENSHIFT4_REPOSITORY }}-${{ env.TAG_NAME }} -w

- name: Rocket.Chat Notification
uses: RocketChat/Rocket.Chat.GitHub.Action.Notification@master
if: failure()
with:
type: ${{ job.status }}
job_name: "*PPR API Built and Deployed to ${{env.TAG_NAME}}*"
channel: "#registries-bot"
url: ${{ secrets.ROCKETCHAT_WEBHOOK }}
commit: true
token: ${{ secrets.GITHUB_TOKEN }}
ppr-api-cd:
uses: bcgov/bcregistry-sre/.github/workflows/backend-cd.yaml@main
with:
target: ${{ inputs.target }}
app_name: "ppr-api"
working_directory: "./ppr-api"
secrets:
WORKLOAD_IDENTIFY_POOLS_PROVIDER: ${{ secrets.WORKLOAD_IDENTIFY_POOLS_PROVIDER }}
GCP_SERVICE_ACCOUNT: ${{ secrets.GCP_SERVICE_ACCOUNT }}
113 changes: 7 additions & 106 deletions .github/workflows/ppr-api-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,118 +2,19 @@ name: PPR API CI

on:
pull_request:
types: [assigned, synchronize]
paths:
- "ppr-api/**"
workflow_dispatch:

defaults:
run:
shell: bash
working-directory: ./ppr-api

jobs:
setup-job:
runs-on: ubuntu-20.04

if: github.repository == 'bcgov/ppr'

steps:
- uses: actions/checkout@v3
- run: "true"

linting:
needs: setup-job
runs-on: ubuntu-20.04

strategy:
matrix:
python-version: [3.9, 3.10]

steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
make setup
- name: Lint with pylint
id: pylint
run: |
make pylint
- name: Lint with flake8
id: flake8
run: |
make flake8

testing:
needs: setup-job
env:
IMAGE_NAME: ppr-api
DATABASE_TEST_USERNAME: postgres
DATABASE_TEST_PASSWORD: postgres
DATABASE_TEST_NAME: postgres
DATABASE_TEST_HOST: localhost
DATABASE_TEST_PORT: 5432
DATABASE_HOST: localhost
DATABASE_PORT: 5432
DATABASE_PASSWORD: postgres
NATS_SERVERS: "nats://nats:4222"
NATS_CLIENT_NAME: entity.ppr_api
NATS_CLUSTER_ID: test-cluster
NATS_FILER_SUBJECT: entity.ppr.pay
NATS_QUEUE: ppr-worker
JWT_OIDC_JWKS_CACHE_TIMEOUT: 300

runs-on: ubuntu-20.04

services:
postgres:
image: postgres:12
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5

steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
make setup
- name: Upgrade db
run: |
. venv/bin/activate && python manage.py db upgrade
- name: Create Test Data
run: |
. venv/bin/activate && python manage.py create_test_data
- name: Test with pytest
id: test
run: |
make test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
file: ./ppr-api/coverage.xml
flags: pprapi
name: codecov-ppr-api
fail_ci_if_error: true

build-check:
needs: setup-job
runs-on: ubuntu-20.04

steps:
- uses: actions/checkout@v3
- name: build to check strictness
id: build
run: |
make build-nc
ppr-api-ci:
uses: bcgov/bcregistry-sre/.github/workflows/backend-ci.yaml@main
with:
app_name: "ppr-api"
working_directory: "./ppr-api"
codecov_flag: "pprapi"
6 changes: 5 additions & 1 deletion codecov.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ coverage:
target: 75%
flags:
- pprapi

- mhrapi
ui:
target: 50%
flags:
Expand Down Expand Up @@ -46,3 +46,7 @@ flags:
paths:
- ppr-ui/src
carryforward: true
mhrapi:
paths:
- mhr-api/src/mhr-api
carryforward: true
8 changes: 5 additions & 3 deletions mhr-api/.env.sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,9 +36,11 @@ JWT_OIDC_TEST_JWKS_CACHE_TIMEOUT=300
JWT_OIDC_PUBLIC_KEY_PEM=

# Integration Settings
AUTH_SVC_URL=
PAYMENT_SVC_URL=
REPORT_SVC_URL=
AUTH_API_URL=
AUTH_API_VERSION=
PAY_API_URL=
PAY_API_VERSION=
REPORT_API_URL=
REPORT_TEMPLATE_PATH="report-templates"
GATEWAY_LTSA_URL=
GATEWAY_URL=
Expand Down
10 changes: 6 additions & 4 deletions mhr-api/devops/vaults.gcp.env
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,21 +9,23 @@ JWT_OIDC_TOKEN_URL="op://ppr/$APP_ENV/jwt/JWT_OIDC_TOKEN_URL"
ACCOUNT_SVC_CLIENT_ID="op://ppr/$APP_ENV/jwt/ACCOUNT_SVC_CLIENT_ID"
ACCOUNT_SVC_CLIENT_SECRET="op://ppr/$APP_ENV/jwt/ACCOUNT_SVC_CLIENT_SECRET"
ACCOUNT_SVC_TIMEOUT="op://ppr/$APP_ENV/ppr-api/ACCOUNT_SVC_TIMEOUT"
AUTH_SVC_URL="op://ppr/$APP_ENV/ppr-api/AUTH_SVC_URL"
DATABASE_USERNAME="op://database/$APP_ENV/ppr-db-gcp/DATABASE_USERNAME"
DATABASE_PASSWORD="op://database/$APP_ENV/ppr-db-gcp/DATABASE_PASSWORD"
DATABASE_PORT="op://database/$APP_ENV/ppr-db-gcp/DATABASE_PORT"
DATABASE_NAME="op://database/$APP_ENV/ppr-db-gcp/DATABASE_NAME"
DATABASE_UNIX_SOCKET="op://database/$APP_ENV/ppr-db-gcp/DATABASE_UNIX_SOCKET"
PAYMENT_SVC_URL="op://ppr/$APP_ENV/ppr-api/PAYMENT_SVC_URL"
AUTH_API_URL="op://API/$APP_ENV/auth-api/AUTH_API_URL"
AUTH_API_VERSION="op://API/$APP_ENV/auth-api/AUTH_API_VERSION"
PAY_API_URL="op://API/$APP_ENV/pay-api/PAY_API_URL"
PAY_API_VERSION="op://API/$APP_ENV/pay-api/PAY_API_VERSION"
REPORT_API_URL="op://API/$APP_ENV/report-api-gotenberg/REPORT_API_GOTENBERG_URL"
GOOGLE_DEFAULT_SA="op://buckets/$APP_ENV/mhr-api/GOOGLE_DEFAULT_SA"
GCP_CS_PROJECT_ID="op://ppr/$APP_ENV/mhr-api/GCP_PS_PROJECT_ID"
GCP_CS_SA_SCOPES="op://buckets/$APP_ENV/mhr-api/GCP_CS_SA_SCOPES"
GCP_CS_BUCKET_ID="op://buckets/$APP_ENV/mhr-api/GCP_CS_BUCKET_ID"
GCP_CS_BUCKET_ID_REGISTRATION ="op://buckets/$APP_ENV/mhr-api/GCP_CS_BUCKET_ID_REGISTRATION"
GCP_CS_BUCKET_ID_BATCH="op://buckets/$APP_ENV/mhr-api/GCP_CS_BUCKET_ID_BATCH"
GCP_CS_BUCKET_ID_TERMS="op://buckets/$APP_ENV/mhr-api/GCP_CS_BUCKET_ID_TERMS"
REPORT_SVC_URL="op://ppr/$APP_ENV/mhr-api/REPORT_SVC_URL"
REPORT_TEMPLATE_PATH="op://API/$APP_ENV/report-api-gotenberg/REPORT_TEMPLATE_PATH"
SEARCH_PDF_ASYNC_THRESHOLD="op://ppr/$APP_ENV/mhr-api/SEARCH_PDF_ASYNC_THRESHOLD"
EVENT_MAX_RETRIES="op://ppr/$APP_ENV/mhr-api/EVENT_MAX_RETRIES"
Expand All @@ -43,4 +45,4 @@ DOC_SERVICE_CONFIG="op://ppr/$APP_ENV/mhr-api/DOC_SERVICE_CONFIG"
GUNICORN_PROCESSES="op://ppr/$APP_ENV/mhr-api/GUNICORN_PROCESSES"
GUNICORN_THREADS="op://ppr/$APP_ENV/mhr-api/GUNICORN_THREADS"
REPORT_VERSION="op://ppr/$APP_ENV/mhr-api/REPORT_VERSION"
REPORT_API_AUDIENCE="op://ppr/$APP_ENV/mhr-api/REPORT_API_AUDIENCE"
REPORT_API_AUDIENCE=op://API/$APP_ENV/report-api-gotenberg/REPORT_API_GOTENBERG_URL"
Loading
Loading