pubcode/.github/workflows/.deploy.yml at main · bcgov/pubcode · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: .Deploys

on:
  workflow_call:
    inputs:
      ### Typical / recommended
      autoscaling:
        description: Autoscaling enabled or not for the deployments
        required: false
        type: string
        default: "true"
      environment:
        description: Environment name; omit for PRs
        required: false
        type: string
      tag:
        description: Container tag; usually PR number
        required: false
        type: string
        default: ${{ github.event.number }}
      triggers:
        description: Paths to trigger a deploy; omit=always; e.g. ('backend/' 'frontend/')
        required: false
        type: string

      ### Usually a bad idea / not recommended
      directory:
        description: "Chart directory"
        default: "charts/${{ github.event.repository.name }}"
        required: false
        type: string
      timeout-minutes:
        description: "Timeout minutes"
        default: 10
        required: false
        type: number
      values:
        description: "Values file"
        default: "values.yaml"
        required: false
        type: string
      params:
        description: "Extra parameters to pass to helm upgrade"
        default: ""
        required: false
        type: string
      release_name:
        description: "Release name"
        default: ${{ github.event.repository.name }}
        required: false
        type: string

permissions: {}

jobs:
  deploys:
    name: Helm
    environment: ${{ inputs.environment }}
    runs-on: ubuntu-24.04
    permissions:
      contents: read
    timeout-minutes: ${{ inputs.timeout-minutes }}
    steps:
      - uses: actions/checkout@v6
      - name: Stop pre-existing deployments on PRs (status = pending-upgrade)
        if: github.event_name == 'pull_request'
        uses: bcgov/action-oc-runner@d2fc921aaa9d70684c186dbb7754e6985d44d86f # v1.4.1
        with:
          oc_namespace: ${{ vars.oc_namespace }}
          oc_token: ${{ secrets.oc_token }}
          oc_server: ${{ vars.oc_server }}
          triggers: ${{ inputs.triggers }}
          commands: |
            # Interrupt any previous deployments (PR only)
            PREVIOUS=$(helm status ${{ inputs.release_name }} -o json | jq .info.status || true)
            if [[ ${PREVIOUS} =~ pending ]]; then
              echo "Rollback triggered"
              helm rollback ${{ inputs.release_name }} || \
                helm uninstall ${{ inputs.release_name }}
            fi

      - name: Deploy
        uses: bcgov/action-oc-runner@d2fc921aaa9d70684c186dbb7754e6985d44d86f # v1.4.1
        with:
          oc_namespace: ${{ vars.oc_namespace }}
          oc_token: ${{ secrets.oc_token }}
          oc_server: ${{ vars.oc_server }}
          triggers: ${{ inputs.triggers }}
          commands: |
            # echo current git branch

            # If directory provided, cd to it
            [ -z "${{ inputs.directory }}" ]|| cd ${{ inputs.directory }}
            # Deploy Helm Chart
            helm dependency update
            helm package --app-version="v${{ inputs.tag }}" --version=${{ inputs.tag }} .
            cp ./${{ github.event.repository.name }}-${{ inputs.tag }}.tgz pubcode.tgz
            COMMANDS="--install --wait --atomic --timeout ${{ inputs.timeout-minutes }}m"
            PARAMS="${{ inputs.release_name }} \
              --set global.autoscaling=${{ inputs.autoscaling }} \
              --set-string global.repository=${{ github.repository }} \
              --set-string global.secrets.emailRecipients=${{ secrets.EMAIL_RECIPIENTS }} \
              --set-string global.secrets.chesTokenURL=${{ secrets.CHES_TOKEN_URL }} \
              --set-string global.secrets.chesClientID=${{ secrets.CHES_CLIENT_ID }} \
              --set-string global.secrets.chesClientSecret=${{ secrets.CHES_CLIENT_SECRET }} \
              --set-string global.secrets.chesAPIURL=${{ secrets.CHES_API_URL }} \
              --set-string global.secrets.databaseAdminPassword=${{ secrets.DB_PWD }} \
              --set-string global.secrets.powerBIURL=${{ secrets.POWERBI_URL }} \
              --values ${{ inputs.values }} "

            if [ -n "${{ inputs.params }}" ]; then
              PARAMS+="${{ inputs.params }}"
            fi
            echo "PARAMS: $PARAMS"
            echo "COMMANDS: $COMMANDS"
            helm upgrade $PARAMS $COMMANDS pubcode.tgz
            #helm install --dry-run --debug $PARAMS pubcode.tgz #for debugging

            # print history
            helm history ${{ inputs.release_name }} || true

            # Remove old build runs, build pods and deployment pods
            oc delete po --field-selector=status.phase==Succeeded