Configure PR Deployments to Share DEV master Postgres Cluster #704
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request Opened | |
env: | |
ACRONYM: coms | |
APP_NAME: common-object-management-service | |
NAMESPACE_PREFIX: bb17f9 | |
on: | |
pull_request: | |
branches: | |
- master | |
types: | |
- opened | |
- reopened | |
- synchronize | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: Build & Push | |
if: "! github.event.pull_request.head.repo.fork" | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build & Push | |
uses: ./.github/actions/build-push-container | |
with: | |
context: . | |
image_name: ${{ env.APP_NAME }} | |
github_username: ${{ github.repository_owner }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
deploy-pr-dev: | |
name: Deploy Pull Request to Dev | |
environment: | |
name: pr | |
url: https://${{ env.ACRONYM }}-dev-pr-${{ github.event.number }}.apps.silver.devops.gov.bc.ca | |
runs-on: ubuntu-latest | |
needs: build | |
timeout-minutes: 12 # increase for crunchyDB ? | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Deploy to Dev | |
uses: ./.github/actions/deploy-to-environment | |
with: | |
app_name: ${{ env.APP_NAME }} | |
acronym: ${{ env.ACRONYM }} | |
environment: pr | |
deploy_postgres: false | |
job_name: pr-${{ github.event.number }} | |
namespace_prefix: ${{ env.NAMESPACE_PREFIX }} | |
namespace_environment: dev | |
openshift_server: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
- name: Login to OpenShift Cluster | |
uses: redhat-actions/oc-login@v1 | |
with: | |
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
insecure_skip_tls_verify: true | |
namespace: ${{ env.NAMESPACE_PREFIX }}-dev | |
# TODO: does pr-123 user need to own database pr-123 in order to connect run knex migrations? | |
- name: Add PR specific user to Crunchy DB | |
shell: bash | |
run: | | |
echo 'Adding PR specific user to Crunchy DB' | |
NEW_USER='{"databases":["pr-${{ github.event.number }}"],"name":"pr-${{ github.event.number }}"}' | |
CURRENT_USERS=$(oc get PostgresCluster/postgres-master -o json | jq '.spec.users') | |
echo "${CURRENT_USERS}" | |
# check if current_users already contains the new_user | |
if echo "${CURRENT_USERS}" | jq -e ".[] | select(.name == \"pr-${{ github.event.number }}\")" > /dev/null; then | |
echo "User already exists" | |
exit 0 | |
fi | |
UPDATED_USERS=$(echo "${CURRENT_USERS}" | jq --argjson NEW_USER "${NEW_USER}" '. + [$NEW_USER]') | |
PATCH_JSON=$(jq -n --argjson users "${UPDATED_USERS}" '{"spec": {"users": $users}}') | |
oc patch PostgresCluster/postgres-master --type=merge -p "${PATCH_JSON}" | |
# wait for sometime as it takes time to create the user, query the secret and check if it is created, otherwise wait in a loop for 5 rounds | |
for i in {1..5}; do | |
if oc get secret postgres-crunchy-pguser-pr-${{ github.event.number }} -o jsonpath='{.metadata.name}' > /dev/null; then | |
echo "Secret created" | |
break | |
else | |
echo "Secret not created, waiting for 60 seconds" | |
sleep 60 | |
fi | |
done | |
- name: Release Comment on PR | |
uses: marocchino/sticky-pull-request-comment@v2 | |
if: success() | |
with: | |
header: release | |
message: | | |
Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev-pr-${{ github.event.number }}.apps.silver.devops.gov.bc.ca> |