1. Build & Deploy to Dev #2095
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 1. Build & Deploy to Dev | |
| #Will automatically run on a push to main, but can also be run manually | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| paths-ignore: | |
| - '.github/**' | |
| workflow_dispatch: | |
| env: | |
| ENVIRONMENT: dev | |
| IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} | |
| REGISTRY_USER: ${{ github.actor }} | |
| REGISTRY_PASSWORD: ${{ github.token }} | |
| jobs: | |
| # build-static: | |
| # runs-on: ubuntu-latest | |
| # name: Build & Push Static Image | |
| # environment: dev | |
| # steps: | |
| # - name: Checkout Code | |
| # uses: actions/checkout@v6 | |
| # - name: Build Static | |
| # id: build_image | |
| # uses: redhat-actions/buildah-build@v2 | |
| # with: | |
| # context: . | |
| # layers: true | |
| # image: drivebc-static | |
| # tags: latest latest-dev ${{ github.sha }} | |
| # labels: | | |
| # app=drivebc | |
| # containerfiles: ./compose/frontend/StaticBuild | |
| # build-args: | | |
| # FONTAWESOME_PACKAGE_TOKEN=${{ secrets.FONTAWESOME_PACKAGE_TOKEN }} | |
| # DEBUG_BUILD=true | |
| # - name: Push to Github Packages | |
| # uses: redhat-actions/push-to-registry@v2 | |
| # with: | |
| # image: ${{ steps.build_image.outputs.image }} | |
| # tags: ${{ steps.build_image.outputs.tags }} | |
| # registry: ${{ env.IMAGE_REGISTRY }} | |
| # username: ${{ env.REGISTRY_USER }} | |
| # password: ${{ env.REGISTRY_PASSWORD }} | |
| build-backend: | |
| runs-on: ubuntu-latest | |
| name: Build & Push Backend Image | |
| environment: dev | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v6 | |
| - name: Build Backend | |
| id: build_image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| image: drivebc-django | |
| tags: latest latest-dev ${{ github.sha }} | |
| labels: | | |
| app=drivebc | |
| containerfiles: ./compose/backend/Dockerfile | |
| build-args: | |
| DEBUG_BUILD=true | |
| - name: Push to Github Packages | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| image: ${{ steps.build_image.outputs.image }} | |
| tags: ${{ steps.build_image.outputs.tags }} | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ env.REGISTRY_USER }} | |
| password: ${{ env.REGISTRY_PASSWORD }} | |
| # build-redis: | |
| # runs-on: ubuntu-latest | |
| # name: Build & Push Redis Image | |
| # environment: dev | |
| # steps: | |
| # - name: Checkout Code | |
| # uses: actions/checkout@v6 | |
| # - name: Build Redis | |
| # id: build_image | |
| # uses: redhat-actions/buildah-build@v2 | |
| # with: | |
| # image: drivebc-redis | |
| # tags: latest latest-dev ${{ github.sha }} | |
| # labels: | | |
| # app=drivebc | |
| # containerfiles: ./compose/redis/Dockerfile | |
| # - name: Push to Github Packages | |
| # uses: redhat-actions/push-to-registry@v2 | |
| # with: | |
| # image: ${{ steps.build_image.outputs.image }} | |
| # tags: ${{ steps.build_image.outputs.tags }} | |
| # registry: ${{ env.IMAGE_REGISTRY }} | |
| # username: ${{ env.REGISTRY_USER }} | |
| # password: ${{ env.REGISTRY_PASSWORD }} | |
| # build-openshiftjobs: | |
| # runs-on: ubuntu-latest | |
| # name: Build & Push OpenShift Jobs Image | |
| # environment: dev | |
| # steps: | |
| # - name: Checkout Code | |
| # uses: actions/checkout@v6 | |
| # - name: Build OpenShift Jobs | |
| # id: build_image | |
| # uses: redhat-actions/buildah-build@v2 | |
| # with: | |
| # context: . | |
| # layers: true | |
| # image: drivebc-openshiftjobs | |
| # tags: latest latest-dev ${{ github.sha }} | |
| # labels: | | |
| # app=drivebc | |
| # containerfiles: ./compose/openshiftjobs/DockerFile | |
| # - name: Push to Github Packages | |
| # uses: redhat-actions/push-to-registry@v2 | |
| # with: | |
| # image: ${{ steps.build_image.outputs.image }} | |
| # tags: ${{ steps.build_image.outputs.tags }} | |
| # registry: ${{ env.IMAGE_REGISTRY }} | |
| # username: ${{ env.REGISTRY_USER }} | |
| # password: ${{ env.REGISTRY_PASSWORD }} | |
| update-openshift-gold: | |
| needs: [build-backend] | |
| runs-on: ubuntu-latest | |
| name: Deploy Latest Images to OpenShift Gold | |
| environment: | |
| name: dev | |
| url: https://dev-drivebc.apps.gold.devops.gov.bc.ca | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Install CLI tools from OpenShift Mirror | |
| uses: redhat-actions/openshift-tools-installer@v1 | |
| with: | |
| oc: "4" | |
| skip_cache: true | |
| - name: Authenticate and set context | |
| uses: redhat-actions/oc-login@v1 | |
| with: | |
| openshift_server_url: ${{ vars.OPENSHIFT_GOLD_SERVER }} | |
| openshift_token: ${{ secrets.OPENSHIFT_GOLD_TOKEN }} | |
| namespace: ${{ vars.OPENSHIFT_NAMESPACE }} | |
| insecure_skip_tls_verify: false | |
| - name: Helm upgrade on OpenShift Gold Environment | |
| run: | | |
| helm upgrade dev-drivebc -f ./infrastructure/main/values-dev.yaml ./infrastructure/main --set static.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a --set django.image.tag=${{ github.sha }} --set tasks.image.tag=${{ github.sha }} --set image-consumer.image.tag=${{ github.sha }} --set redis.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a --set openshiftjobs.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a | |
| # I have this run after the push to Gold because I want to make sure that Gold runs the migrations first. Gold DR can't run migrations as DB is read-only | |
| update-openshift-golddr: | |
| needs: [update-openshift-gold] | |
| runs-on: ubuntu-latest | |
| name: Deploy Latest Images to OpenShift GoldDR | |
| environment: | |
| name: dev | |
| url: https://dev-drivebc.apps.golddr.devops.gov.bc.ca | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Install CLI tools from OpenShift Mirror | |
| uses: redhat-actions/openshift-tools-installer@v1 | |
| with: | |
| oc: "4" | |
| skip_cache: true | |
| - name: Authenticate and set context | |
| uses: redhat-actions/oc-login@v1 | |
| with: | |
| openshift_server_url: ${{ vars.OPENSHIFT_GOLDDR_SERVER }} | |
| openshift_token: ${{ secrets.OPENSHIFT_GOLDDR_TOKEN }} | |
| namespace: ${{ vars.OPENSHIFT_NAMESPACE }} | |
| insecure_skip_tls_verify: false | |
| - name: Helm upgrade on OpenShift GoldDR Environment | |
| run: | | |
| helm upgrade dev-drivebc -f ./infrastructure/main/values-dev.yaml -f ./infrastructure/main/values-dev-dr.yaml ./infrastructure/main --set static.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a --set django.image.tag=${{ github.sha }} --set tasks.image.tag=${{ github.sha }} --set image-consumer.image.tag=${{ github.sha }} --set redis.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a --set openshiftjobs.image.tag=4cecd55d6c549b2eba3415bf6e8f521950537c6a | |
| # automatedTests: | |
| # needs: [versionUpdate] | |
| # name: Automated Smoke Test | |
| # uses: bcgov/DriveBC.ca-automated-tests/.github/workflows/playwright.yml@main | |
| # with: | |
| # environment: 'dev' | |
| # secrets: inherit |