-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Lee Wright
authored and
Lee Wright
committed
Jul 29, 2024
1 parent
c58e947
commit fc997c0
Showing
12 changed files
with
406 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
name: diam-webapi | ||
|
||
on: | ||
push: | ||
branches: [develop,test,main] | ||
paths: | ||
- "maintenance/**" | ||
- ".github/workflows/build-push-maintenance.yml" | ||
workflow_dispatch: | ||
env: | ||
IMAGE_NAME: diam-maintenance | ||
WORKING_DIRECTORY: ./maintenance | ||
BRANCH_NAME: develop | ||
VALUES_FILE: dev | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
if: github.event_name == 'push' | ||
|
||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- name: Set environment for branch | ||
run: | | ||
if [[ ${{ github.ref_name }} == 'main' ]]; then | ||
echo "BRANCH_NAME=main" >> "$GITHUB_ENV" | ||
echo "VALUES_FILE=prod" >> "$GITHUB_ENV" | ||
fi | ||
if [[ ${{ github.ref_name }} == 'test' ]]; then | ||
echo "BRANCH_NAME=test" >> "$GITHUB_ENV" | ||
echo "VALUES_FILE=test" >> "$GITHUB_ENV" | ||
fi | ||
if [[ ${{ github.ref_name }} == 'develop' ]]; then | ||
echo "BRANCH_NAME=develop" >> "$GITHUB_ENV" | ||
echo "VALUES_FILE=dev" >> "$GITHUB_ENV" | ||
fi | ||
- name: Extract branch name | ||
shell: bash | ||
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT | ||
id: extract_branch | ||
|
||
- name: Branch name | ||
run: echo running on branch ${GITHUB_REF##*/} | ||
|
||
- name: Login to Artifactory | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: artifacts.developer.gov.bc.ca | ||
username: ${{ secrets.ARTIFACTORY_USERNAME }} | ||
password: ${{ secrets.ARTIFACTORY_PASSWORD }} | ||
|
||
- name: Build Image | ||
working-directory: ${{env.WORKING_DIRECTORY}} | ||
run: | | ||
docker build -t artifacts.developer.gov.bc.ca/de27-general-docker/${{env.IMAGE_NAME}}:${GITHUB_REF##*/} . | ||
- name: Docker Push to Artifactory | ||
id: publish | ||
run: | | ||
docker push artifacts.developer.gov.bc.ca/de27-general-docker/${{env.IMAGE_NAME}}:${GITHUB_REF##*/} | ||
- name: Checkout ArgoCD Repo | ||
id: gitops | ||
if: steps.publish.outcome == 'success' | ||
uses: actions/checkout@v4 | ||
with: | ||
repository: bcgov-c/tenant-gitops-e27db1 | ||
ref: ${{ env.BRANCH_NAME }} | ||
token: ${{ secrets.ARGO_PAT }} # access token | ||
path: gitops | ||
|
||
- name: Get short SHA | ||
id: short_sha | ||
run: | | ||
echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" | ||
echo "Short SHA: $SHORT_SHA" | ||
- name: Update Helm Values and Commit | ||
id: helm | ||
if: steps.gitops.outcome == 'success' # Only run if the previous step (publish) was successful | ||
run: | | ||
echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " | ||
# Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test | ||
cd gitops/charts | ||
# Update the Helm values file with the new image tag and version | ||
DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time | ||
echo "Updating tag apitag: to ${{ steps.short_sha.outputs.SHORT_SHA }}" | ||
sed -i "s/apitag: .*/apitag: ${{ env.VALUES_FILE }}-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" maintenance/values.yaml | ||
|
||
# Commit and push the changes | ||
git config --global user.email "[email protected]" | ||
git config --global user.name "GitHub Actions" | ||
|
||
git add . | ||
|
||
git add ../deploy/${{ env.VALUES_FILE }}_values.yaml | ||
|
||
# Repackage Helm Chart | ||
|
||
cd maintenance | ||
|
||
helm dependency build | ||
|
||
git add . | ||
|
||
git commit -m "Update ${{ env.BRANCH_NAME }} API image tag" | ||
git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
FROM nginx:1.27.0-alpine | ||
|
||
COPY static /usr/share/nginx/html | ||
COPY nginx.conf /etc/nginx/nginx.conf | ||
|
||
EXPOSE 8080 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
# see https://hub.docker.com/_/nginx `Running nginx as a non-root user` | ||
worker_processes auto; | ||
|
||
pid /tmp/nginx.pid; | ||
|
||
events { | ||
worker_connections 1024; | ||
} | ||
|
||
http { | ||
include /etc/nginx/mime.types; | ||
default_type application/octet-stream; | ||
|
||
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | ||
'$status $body_bytes_sent "$http_referer" ' | ||
'"$http_user_agent" "$http_x_forwarded_for"'; | ||
|
||
client_body_temp_path /tmp/client_temp; | ||
proxy_temp_path /tmp/proxy_temp_path; | ||
fastcgi_temp_path /tmp/fastcgi_temp; | ||
uwsgi_temp_path /tmp/uwsgi_temp; | ||
scgi_temp_path /tmp/scgi_temp; | ||
|
||
sendfile on; | ||
#tcp_nopush on; | ||
|
||
keepalive_timeout 65; | ||
|
||
#gzip on; | ||
|
||
server { | ||
listen 8080; | ||
server_name localhost; | ||
|
||
access_log off; | ||
error_log /dev/null; | ||
|
||
add_header cross-origin-embedder-policy "require-corp"; | ||
add_header cross-origin-opener-policy "same-origin"; | ||
add_header cross-origin-resource-policy "same-origin"; | ||
add_header x-dns-prefetch-control "off"; | ||
add_header expect-ct "max-age=0"; | ||
add_header x-frame-options "SAMEORIGIN"; | ||
add_header strict-transport-security "max-age=15552000; includeSubDomains"; | ||
add_header x-download-options "noopen"; | ||
add_header x-content-type-options "nosniff"; | ||
add_header origin-agent-cluster "?1"; | ||
add_header x-permitted-cross-domain-policies "none"; | ||
add_header referrer-policy "strict-origin"; | ||
add_header x-xss-protection "0"; | ||
add_header permissions-policy "midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()"; | ||
|
||
location / { | ||
root /usr/share/nginx/html; | ||
index index.html index.htm; | ||
try_files $uri $uri.html $uri/index.html /index.html; | ||
} | ||
} | ||
} |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.3.3/css/bootstrap-reboot.min.css" | ||
rel="stylesheet" /> | ||
|
||
<link rel="stylesheet" href="/style.css" /> | ||
<title>AG DIAM</title> | ||
<meta name="viewport" content="width=device-width, initial-scale=1"> | ||
<meta charset="utf-8"> | ||
|
||
</head> | ||
<body style="display: flex; flex-direction: column; height: 100vh"> | ||
<header> | ||
<div class="banner"> | ||
<img src="/img/logo-banner.svg" alt="Go to the Government of British Columbia website" height="40" /> | ||
<h1>Justice & Public Safety Sector</h1> | ||
</div> | ||
<div class="other"> </div> | ||
</header> | ||
<article> | ||
<h1>Digital Identity & Access Management (DIAM)</h1> | ||
<h2>We’ll be back soon</h2> | ||
<div> | ||
<p> | ||
Sorry for the inconvenience but we’re performing some maintenance at the moment. We’ll be back | ||
online shortly. | ||
</p> | ||
</div> | ||
<div> | ||
<p> | ||
For urgent matters, please contact the DIAM team at<br/> | ||
<a href="mailto:[email protected]">[email protected]</a><br/> | ||
<br/>or via RocketChat:<br /> | ||
<a href="https://chat.developer.gov.bc.ca/channel/ag-diam-requests">https://chat.developer.gov.bc.ca/channel/ag-diam-requests</a> | ||
</p> | ||
</div> | ||
</article> | ||
</body> | ||
</html> |
Oops, something went wrong.