-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set gold DR to active #124
Conversation
Remove an unused ls statement
.github/workflows/set-dr-active.yml
Outdated
insecure_skip_tls_verify: true | ||
- name: Set patroni-dr to primary | ||
run: | | ||
oc rsh -n ${{ github.event.inputs.namespace }} sso-patroni-0 curl -s -XPATCH -d '{ "standby_cluster":null}' http://localhost:8008/config | jq . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does the extra spaces in '{ "standby
is required to patch the config?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and can we check the response result from the API endpoint to make sure the config patch is successfully before moving to the next step? we could set a condition in the next step depends on the response.
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh that's a really good idea. Thanks will look at it today
.github/workflows/set-dr-active.yml
Outdated
set-dr-to-active: | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: development |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see any places that makes use of name
environment?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
removed
uses: redhat-actions/oc-login@v1 | ||
with: | ||
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_GOLDDR }} | ||
openshift_token: ${{ secrets.OPENSHIFT_TOKEN_GOLDDR }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have seprate service accounts' tokens for each Gold namespaces, so not sure how the same token can be used in the three environments. "c6af30-dev", "c6af30-test", "c6af30-prod"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was thinking about this, wouldn't it be easier to have a single service account with access to the 3 namespaces? (6 if we include sandbox) Then we don't have to worry about keeping 6 sets of credentials in the github secrets
oc rsh -n ${{ github.event.inputs.namespace }} sso-patroni-0 curl -s -XPATCH -d '{ "standby_cluster":null}' http://localhost:8008/config | jq . | ||
shell: bash | ||
- name: Deploy keycloak-dr in active mode | ||
run: | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we use working-directory
to set the base directory and make the code simplier?
helm/keycloak/transition-scripts
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good idea, I set helm as the working dir since we need the helpers.sh in the helm
folder, and the values file in the helm/keycloak
folder
fedd63c
to
16ceae0
Compare
This action allows us to trigger dr to become active in sandbox test.
I want to get the 'set active to standby action working before I extend this to the production dr namespaces.