From 1c4c87ba5252eb16bc41c5be204190bcc7ef6fd1 Mon Sep 17 00:00:00 2001 From: Lindsey Hattamer Date: Tue, 8 Feb 2022 10:18:54 -0500 Subject: [PATCH] Revert "feat: add reusable GHA workflows" This reverts commit 8bdfaa792ca18669f1b00291972e592ac905d266, reversing changes made to ad6a6368b143fb93a85aec2ddf4623e5b10e2854. --- .github/workflows/deploy.yml | 108 +++++++++++++++-- .github/workflows/push-images.yml | 32 +++-- .../workflows/templates/deploy-template.yml | 109 ------------------ .../templates/push-image-template.yml | 35 ------ 4 files changed, 124 insertions(+), 160 deletions(-) delete mode 100644 .github/workflows/templates/deploy-template.yml delete mode 100644 .github/workflows/templates/push-image-template.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 45f96a71..2de8182c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,9 +1,99 @@ -deploy: - uses: department-of-veterans-affairs/platform-console-api/.github/workflows/templates/deploy-template.yml@master - with: - ecr_repository: 'platform-console' - manifests_directory: 'vsp-tools-backend/platform-console-api' - auto_deploy_envs: 'utility' - secrets: - aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +name: Release and Update Manifests + +on: + push: + branches: + - master + workflow_dispatch: + inputs: + environments: + description: "Cluster environments you would like to update wrapped in single quotes. + Avalable options -> dev, staging, sandbox, utility, prod sandbox" + required: true + +env: + autoDeployEnvs: 'utility' + +jobs: + prepare-values: + runs-on: ubuntu-20.04 + outputs: + environments: ${{ steps.set-environments.outputs.environments }} + steps: + - name: Set to auto deploy environments when not run via workflow dispatch + if: github.event.inputs.environments == '' + run: | + echo "triggered via schedule" + echo "environments=${{ env.autoDeployEnvs }}" >> $GITHUB_ENV + - name: Set to environments specified in input when run via workflow dispatch + if: github.event.inputs.environments != '' + run: | + echo "triggered via workflow dispatch" + echo "environments=${{ github.event.inputs.environments }}" >> $GITHUB_ENV + - name: Set output + id: set-environments + run: | + echo "::set-output name=environments::${{ env.environments }}" + release: + needs: [prepare-values] + if: github.ref == 'refs/heads/master' + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: "us-gov-west-1" + - name: Log into ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Get bot token from Parameter Store + uses: marvinpinto/action-inject-ssm-secrets@latest + with: + ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN + env_variable_name: VA_VSP_BOT_GITHUB_TOKEN + - name: Semantic Release + uses: cycjimmy/semantic-release-action@v2 + id: semantic + env: + GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} + - name: Install yq if needed + if: steps.semantic.outputs.new_release_published == 'true' || github.event.inputs.environments != '' + run: | + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64 + sudo add-apt-repository ppa:rmescandon/yq + sudo apt update + sudo apt install yq -y + - name: Check out Manifest Repo + uses: actions/checkout@v2 + with: + repository: department-of-veterans-affairs/vsp-infra-application-manifests + token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} + fetch-depth: 1 + path: vsp-infra-application-manifests + - name: Update image name in Manifest repo + if: steps.semantic.outputs.new_release_published == 'true' || github.event.inputs.environments != '' + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: dsva/platform-console + run: | + cd vsp-infra-application-manifests/apps/vsp-tools-backend/platform-console-api + # Update platform-console image + envs=( ${{ needs.prepare-values.outputs.environments }} ) + for env in ${envs[*]}; + do + yq e -i '.spec.template.spec.containers.[0].image = "008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/dsva/platform-console:platform-console-${{ github.sha }}"' $env/deployment.yml + done + git diff + - name: Add and Commit file + if: steps.semantic.outputs.new_release_published == 'true' || github.event.inputs.environments != '' + uses: EndBug/add-and-commit@v7 + with: + branch: main + add: '*' + cwd: vsp-infra-application-manifests/apps/vsp-tools-backend/platform-console-api + author_name: va-vsp-bot + author_email: devops@va.gov + message: 'Release ${{ needs.prepare-values.outputs.environments }} for platform-console.' diff --git a/.github/workflows/push-images.yml b/.github/workflows/push-images.yml index f643dd32..bfcdb9ab 100644 --- a/.github/workflows/push-images.yml +++ b/.github/workflows/push-images.yml @@ -1,7 +1,25 @@ -push-images: - uses: department-of-veterans-affairs/platform-console-api/.github/workflows/templates/push-images-template.yml@master - with: - ecr_repository: 'platform-console' - secrets: - aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +name: Push image to ECR when changes are pushed to master + +on: + push: + branches: + - master + workflow_dispatch: + +jobs: + push-image: + runs-on: ubuntu-20.04 + name: Push image to ECR + steps: + - uses: actions/checkout@v2 + - name: Build and push argo images to ECR + uses: kciter/aws-ecr-action@v4 + with: + access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} + secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + account_id: '008577686731' + repo: dsva/platform-console + region: us-gov-west-1 + tags: "platform-console-${{ github.sha }}" + dockerfile: Dockerfile + extra_build_args: "--build-arg RAILS_ENV=production" diff --git a/.github/workflows/templates/deploy-template.yml b/.github/workflows/templates/deploy-template.yml deleted file mode 100644 index 3d61820f..00000000 --- a/.github/workflows/templates/deploy-template.yml +++ /dev/null @@ -1,109 +0,0 @@ -name: Release and Update Manifests - -on: - push: - branches: - - master - - workflow_call: - inputs: - ecr_repository: - required: true #platform-console - type: string - manifests_directory: - required: true #vsp-tools-backend/platform-console-api - type: string - auto_deploy_envs: - required: true # utility - type: string - secrets: - aws_access_key_id: #${{ secrets.AWS_ACCESS_KEY_ID }} - required: true - aws_secret_access_key: #${{ secrets.AWS_SECRET_ACCESS_KEY }} - required: true - -jobs: - prepare-values: - runs-on: ubuntu-20.04 - outputs: - environments: ${{ steps.set-environments.outputs.environments }} - steps: - - name: Set to auto deploy environments on push to master - run: | - echo "triggered via schedule" - echo "environments=${{inputs.auto_deploy_envs}}" >> $GITHUB_ENV - - name: Set output - id: set-environments - run: | - echo "::set-output name=environments::${{ env.environments }}" - release: - needs: [prepare-values] - if: github.ref == 'refs/heads/master' - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v2 - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.aws_access_key_id }} - aws-secret-access-key: ${{ secrets.aws_secret_access_key }} - aws-region: "us-gov-west-1" - - - name: Log into ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - - name: Get bot token from Parameter Store - uses: marvinpinto/action-inject-ssm-secrets@latest - with: - ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN - env_variable_name: VA_VSP_BOT_GITHUB_TOKEN - - - name: Semantic Release - uses: cycjimmy/semantic-release-action@v2 - id: semantic - env: - GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} - - - name: Install yq if needed - if: steps.semantic.outputs.new_release_published == 'true' - run: | - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64 - sudo add-apt-repository ppa:rmescandon/yq - sudo apt update - sudo apt install yq -y - - - name: Check out Manifest Repo - uses: actions/checkout@v2 - with: - repository: department-of-veterans-affairs/vsp-infra-application-manifests - token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} - fetch-depth: 1 - path: vsp-infra-application-manifests - - - name: Update image name in Manifest repo - if: steps.semantic.outputs.new_release_published == 'true' - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: dsva/${{inputs.ecr_repository}} - run: | - cd vsp-infra-application-manifests/apps/${{inputs.manifests_directory}} - # Update ecr image - envs=( ${{ needs.prepare-values.outputs.environments }} ) - for env in ${envs[*]}; - do - - yq e -i '.spec.template.spec.containers.[0].image = "008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/dsva/${{inputs.ecr_repository}}:${{inputs.ecr_repository}}-${{ github.sha }}"' $env/deployment.yml - done - git diff - - - name: Add and Commit file - if: steps.semantic.outputs.new_release_published == 'true' - uses: EndBug/add-and-commit@v7 - with: - branch: main - add: '*' - cwd: vsp-infra-application-manifests/apps/${{inputs.manifests_directory}} - author_name: va-vsp-bot - author_email: devops@va.gov - message: 'Release ${{ needs.prepare-values.outputs.environments }} for ${{inputs.ecr_repository}}.' diff --git a/.github/workflows/templates/push-image-template.yml b/.github/workflows/templates/push-image-template.yml deleted file mode 100644 index 045eb774..00000000 --- a/.github/workflows/templates/push-image-template.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Push image to ECR when changes are pushed to master - -on: - push: - branches: - - master - - workflow_call: - inputs: - repository: - required: true #platform-console - type: string - secrets: - aws_access_key_id: #${{ secrets.AWS_ACCESS_KEY_ID }} - required: true - aws_secret_access_key: #${{ secrets.AWS_SECRET_ACCESS_KEY }} - required: true - -jobs: - push-image: - runs-on: ubuntu-20.04 - name: Push image to ECR - steps: - - uses: actions/checkout@v2 - - name: Build and push argo images to ECR - uses: kciter/aws-ecr-action@v4 - with: - access_key_id: ${{ secrets.aws_access_key_id }} - secret_access_key: ${{ secrets.aws_secret_access_key }} - account_id: '008577686731' - repo: dsva/${{inputs.ecr_repository}} - region: us-gov-west-1 - tags: "${{inputs.ecr_repository}}-${{ github.sha }}" - dockerfile: Dockerfile - extra_build_args: "--build-arg RAILS_ENV=production"