frontend-automation-tests-build.yaml

name: Build & Push Frontend Automation Test Image to Gold and GoldDR

on:
  push:
    branches: [feature/automation-test]
    paths:
      - 'cccm-automation-test-ui/**'
      - ".github/workflows/frontend-automation-tests-build.yaml"
  workflow_dispatch:
env:
  # See https://github.com/goodwithtech/dockle/issues/188
  DOCKLE_HOST: "unix:///var/run/docker.sock"
  IMAGE_NAME: automation-test-ui
  WORKING_DIRECTORY: ./cccm-automation-test-ui
jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Login to Openshift Docker Registry Gold
        uses: docker/login-action@v1
        with:
          registry: ${{ secrets.OPENSHIFT4_REGISTRY }}
          username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
          password: ${{ secrets.OPENSHIFT4_SA_PASSWORD }}

      - name: Login to Openshift Docker Registry GoldDR
        uses: docker/login-action@v1
        with:
          registry: ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}
          username: ${{ secrets.OPENSHIFT4_SA_USERNAME }}
          password: ${{ secrets.OPENSHIFT4_SA_PASSWORD_GOLDDR }} 
      
      - name: Docker Build Frontend Image
        working-directory: ${{env.WORKING_DIRECTORY}}
        run: |            
          docker build -t ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev .
          
      - name: Vulnerability Scan Frontend
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev
              
      - name: Docker Push Version to Gold and GoldDR
        run: |  
          docker push ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev
          docker tag ${{ secrets.OPENSHIFT4_REGISTRY }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev
          docker push ${{ secrets.OPENSHIFT4_REGISTRY_GOLDDR }}/${{ secrets.LICENSE_PLATE }}-tools/${{env.IMAGE_NAME}}:dev

      - name: Set GitOps SSH Key
        uses: webfactory/ssh-agent@v0.5.4
        with:
          ssh-private-key: ${{ secrets.GIT_OPS_SSH_KEY }}

      # Getting the SHA from the latest image in the image stream and setting it to a variable to use
      # at a later step
      - name: Get and Store Current Image SHA
        run: |
          IMAGE_SHA=$(oc describe istag/automation-test-ui:dev -n abb712-tools | grep 'Image Name' | awk '{ print $3 }')
          echo "::set-output name=IMAGE_SHA::$IMAGE_SHA"
        id: image_sha

      # Cloning the GitOps repo so that the kutomization file that holds the image tag information can be 
      # synced with what is live in openshift in gold and golddr
      - name: Git Clone Repo
        run: |
          git config --global user.name "Github Action - CCCM Repo Automation Test Build/Push"
          git config --global user.email "cccm-automation-test@githubaction.com"
          git clone git@github.com:bcgov-c/tenant-gitops-abb712.git
          cd tenant-gitops-abb712/cccm/overlays/gold/dev
          kustomize edit set image frontend-automation-test-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/${{env.IMAGE_NAME}}@${{ steps.image_sha.outputs.IMAGE_SHA }}
          git add kustomization.yaml
          cd ../../golddr/dev
          kustomize edit set image frontend-automation-test-image=image-registry.openshift-image-registry.svc:5000/abb712-tools/${{env.IMAGE_NAME}}@${{ steps.image_sha.outputs.IMAGE_SHA }}
          git add kustomization.yaml 
          git commit -m "Updated frontend-automation-test image sha in Kustomization files from CCCM Github Action" 
          git push