Set gold DR to active #124
Conversation
Remove an unused ls statement
.github/workflows/set-dr-active.yml
Outdated
| insecure_skip_tls_verify: true | ||
| - name: Set patroni-dr to primary | ||
| run: | | ||
| oc rsh -n ${{ github.event.inputs.namespace }} sso-patroni-0 curl -s -XPATCH -d '{ "standby_cluster":null}' http://localhost:8008/config | jq . |
There was a problem hiding this comment.
does the extra spaces in '{ "standby is required to patch the config?
There was a problem hiding this comment.
and can we check the response result from the API endpoint to make sure the config patch is successfully before moving to the next step? we could set a condition in the next step depends on the response.
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif
There was a problem hiding this comment.
Oh that's a really good idea. Thanks will look at it today
.github/workflows/set-dr-active.yml
Outdated
| set-dr-to-active: | ||
| runs-on: ubuntu-latest | ||
| environment: | ||
| name: development |
There was a problem hiding this comment.
I don't see any places that makes use of name environment?
There was a problem hiding this comment.
removed
| uses: redhat-actions/oc-login@v1 | ||
| with: | ||
| openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_GOLDDR }} | ||
| openshift_token: ${{ secrets.OPENSHIFT_TOKEN_GOLDDR }} |
There was a problem hiding this comment.
We have seprate service accounts' tokens for each Gold namespaces, so not sure how the same token can be used in the three environments. "c6af30-dev", "c6af30-test", "c6af30-prod"
There was a problem hiding this comment.
I was thinking about this, wouldn't it be easier to have a single service account with access to the 3 namespaces? (6 if we include sandbox) Then we don't have to worry about keeping 6 sets of credentials in the github secrets
| oc rsh -n ${{ github.event.inputs.namespace }} sso-patroni-0 curl -s -XPATCH -d '{ "standby_cluster":null}' http://localhost:8008/config | jq . | ||
| shell: bash | ||
| - name: Deploy keycloak-dr in active mode | ||
| run: | |
There was a problem hiding this comment.
can we use working-directory to set the base directory and make the code simplier?
helm/keycloak/transition-scripts
There was a problem hiding this comment.
good idea, I set helm as the working dir since we need the helpers.sh in the helm folder, and the values file in the helm/keycloak folder
thegentlemanphysicist
force-pushed
the
set-dr-active
branch
from
fedd63c
to
16ceae0
Compare
This action allows us to trigger dr to become active in sandbox test.
I want to get the 'set active to standby action working before I extend this to the production dr namespaces.