-
Notifications
You must be signed in to change notification settings - Fork 1
162 lines (139 loc) · 7.43 KB
/
role-sync-promote-image-to-env.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#This workflow requires an input and based on that input pulls the appropriate image and tags it with the next environments name
name: Promote the role sync image to test or prod on Gold and GoldDR cluster
on:
workflow_dispatch:
inputs:
environment:
type: choice
description: Select the environment
required: true
options:
- test
- prod
jobs:
run-test:
runs-on: ubuntu-latest
environment:
name: Testing
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- uses: actions/checkout@v2
- name: Cluster Login
uses: redhat-developer/openshift-actions@v1.1
with:
openshift_server_url: ${{ secrets.OPENSHIFT4_SERVER_URL }}
parameters: '{"apitoken": "${{ secrets.OPENSHIFT4_SA_PASSWORD }}"}'
cmd: |
'version'
- name: Login to Openshift Docker Registry
uses: docker/login-action@v1
with:
registry: ${{ secrets.OPENSHIFT4_REGISTRY }}
username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
password: ${{ secrets.OPENSHIFT4_SA_PASSWORD }}
- name: Login to Openshift Docker Registry GoldDR
uses: docker/login-action@v1
with:
registry: ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}
username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
password: ${{ secrets.OPENSHIFT4_SA_PASSWORD_GOLDDR }}
- name: Pull Dev Image
run: |
docker pull ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:dev
- name: Docker Tag Version Test
run: |
docker tag ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:dev ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test
- name: Docker Push Version Test to Gold and GoldDR
run: |
docker push ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test
docker tag ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test
docker push ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test
- name: Set GitOps SSH Key
uses: webfactory/ssh-agent@v0.5.4
with:
ssh-private-key: ${{ secrets.GIT_OPS_SSH_KEY }}
# Getting the SHA from the latest image in the image stream and setting it to a variable to use
# at a later step
- name: Get and Store Current Image SHA
run: |
IMAGE_SHA=$(oc describe istag/cccm-role-sync:test -n abb712-tools | grep 'Image Name' | awk '{ print $3 }')
echo "::set-output name=IMAGE_SHA::$IMAGE_SHA"
id: image_sha
# Cloning the GitOps repo so that the kutomization file that holds the image tag information can be
# synced with what is live in openshift
- name: Git Clone Repo
run: |
git config --global user.name "Github Action - CCCM Repo Frontend Promote Dev Image to Test"
git config --global user.email "cccm-frontend@githubaction.com"
git clone git@github.com:bcgov-c/tenant-gitops-abb712.git
cd tenant-gitops-abb712/cccm/overlays/gold/test
kustomize edit set image cccm-role-sync-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/cccm-role-sync@${{ steps.image_sha.outputs.IMAGE_SHA }}
git add kustomization.yaml
cd ../../golddr/test
kustomize edit set image cccm-role-sync-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/cccm-role-sync@${{ steps.image_sha.outputs.IMAGE_SHA }}
git add kustomization.yaml
git commit -m "Updated cccm-role-sync image sha in Kustomization file from CCCM Github Action"
git push
run-prod:
runs-on: ubuntu-latest
environment:
name: Production
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- uses: actions/checkout@v2
- name: Cluster Login
uses: redhat-developer/openshift-actions@v1.1
with:
openshift_server_url: ${{ secrets.OPENSHIFT4_SERVER_URL }}
parameters: '{"apitoken": "${{ secrets.OPENSHIFT4_SA_PASSWORD }}"}'
cmd: |
'version'
- name: Login to Openshift Docker Registry
uses: docker/login-action@v1
with:
registry: ${{ secrets.OPENSHIFT4_REGISTRY }}
username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
password: ${{ secrets.OPENSHIFT4_SA_PASSWORD }}
- name: Login to Openshift Docker Registry GoldDR
uses: docker/login-action@v1
with:
registry: ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}
username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
password: ${{ secrets.OPENSHIFT4_SA_PASSWORD_GOLDDR }}
- name: Pull Test Image
run: |
docker pull ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test
- name: Docker Tag Version Prod
run: |
docker tag ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:test ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:prod
- name: Docker Push Version Prod to Gold and GoldDR
run: |
docker push ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:prod
docker tag ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:prod ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:prod
docker push ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/cccm-role-sync:prod
- name: Set GitOps SSH Key
uses: webfactory/ssh-agent@v0.5.4
with:
ssh-private-key: ${{ secrets.GIT_OPS_SSH_KEY }}
# Getting the SHA from the latest image in the image stream and setting it to a variable to use
# at a later step
- name: Get and Store Current Image SHA
run: |
IMAGE_SHA=$(oc describe istag/cccm-role-sync:prod -n abb712-tools | grep 'Image Name' | awk '{ print $3 }')
echo "::set-output name=IMAGE_SHA::$IMAGE_SHA"
id: image_sha
# Cloning the GitOps repo so that the kutomization file that holds the image tag information can be
# synced with what is live in openshift
- name: Git Clone Repo
run: |
git config --global user.name "Github Action - CCCM Repo Frontend Promote Test Image to Prod"
git config --global user.email "cccm-frontend@githubaction.com"
git clone git@github.com:bcgov-c/tenant-gitops-abb712.git
cd tenant-gitops-abb712/cccm/overlays/gold/prod
kustomize edit set image cccm-role-sync-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/cccm-role-sync@${{ steps.image_sha.outputs.IMAGE_SHA }}
git add kustomization.yaml
cd ../../golddr/prod
kustomize edit set image cccm-role-sync-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/cccm-role-sync@${{ steps.image_sha.outputs.IMAGE_SHA }}
git add kustomization.yaml
git commit -m "Updated cccm-role-sync image sha in Kustomization file from CCCM Github Action"
git push