From bf382d5a631bc89e653c958ae6dd0ff48fc95fde Mon Sep 17 00:00:00 2001 From: Khaled <45347802+JavaDeveloper456788@users.noreply.github.com> Date: Mon, 2 Dec 2024 16:00:13 -0800 Subject: [PATCH] GitHub action fixes (#131) --- ...build.from.master.branch.deploy.to.dev.yml | 107 +++++++--------- openshift/templates/cas-api/cas-api.dc.yaml | 94 ++++++++------ openshift/templates/ecas-api/api.dc.yaml | 111 ++++++++++------- .../templates/ecas-frontend/frontend.dc.yaml | 117 +++++++++++++----- openshift/update-configmap.sh | 46 +++++++ 5 files changed, 294 insertions(+), 181 deletions(-) create mode 100644 openshift/update-configmap.sh diff --git a/.github/workflows/build.from.master.branch.deploy.to.dev.yml b/.github/workflows/build.from.master.branch.deploy.to.dev.yml index 5768980ea..cee2f40bf 100644 --- a/.github/workflows/build.from.master.branch.deploy.to.dev.yml +++ b/.github/workflows/build.from.master.branch.deploy.to.dev.yml @@ -6,7 +6,7 @@ env: REDHAT_REGISTRY_USERNAME: '${{ secrets.REDHAT_REGISTRY_USERNAME }}' REDHAT_REGISTRY_PASSWORD: '${{ secrets.REDHAT_REGISTRY_PASSWORD }}' - ASPNETCORE_ENVIRONMENT: 'Development' + SOURCE_REPOSITORY: 'https://github.com/bcgov/EDUC-HUB.git' DOTNET_STARTUP_PROJECT: 'CASInterfaceService/cas-interface-service.csproj' @@ -31,25 +31,40 @@ env: MIN_MEM: 250Mi MAX_MEM: 500Mi - + #frontend config maps vars + APP_DEBUG: 'FALSE' + DYNAMICSBASEURL: http://ecas-api:8080/api + DOCUMENTROOT: /public + #ecas api config maps vars + ASPNETCORE_ENVIRONMENT: 'Development' + DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT: Cloud + DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL: https://ecasdev.api.crm3.dynamics.com/api/data/v9.2/ + DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL: https://localhost + DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL: https://ecasdev.crm3.dynamics.com/api/data/ + DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL: https://ecasdev.api.crm3.dynamics.com + + #cas api config maps vars + ASPNETCORE_ENVIRONMENT_CAS: 'Production' + CAS_API_SERVER: https://cfs-systws.cas.gov.bc.ca:7026 + CAS_TOKEN_URI: /ords/cas/oauth/token + CAS_INVOICE_URI: /ords/cas/cfs/apinvoice/ + HOST_ROUTE: '${{ secrets.SITE_URL }}' -'on': + BRANCH: "Github_action_fixes" + + CA_CERT: ${{ secrets.CA_CERT }} + CERTIFICATE: ${{ secrets.CERT }} + PRIVATE_KEY: ${{ secrets.PRIV_KEY }} + +on: workflow_dispatch: - push: - branches: - - master - - - - - + jobs: build-and-deploy-dev: name: Build and deploy to DEV runs-on: ubuntu-24.04 environment: dev - - + steps: - name: Check for required secrets uses: actions/github-script@v6 @@ -60,7 +75,6 @@ jobs: OPENSHIFT_TOKEN: `${{ secrets.OPENSHIFT_TOKEN }}`, }; - const GHCR = "ghcr.io"; if (`${{ env.IMAGE_REGISTRY }}`.startsWith(GHCR)) { @@ -72,7 +86,6 @@ jobs: secrets["IMAGE_REGISTRY_PASSWORD"] = `${{ secrets.IMAGE_REGISTRY_PASSWORD }}`; } - const missingSecrets = Object.entries(secrets).filter(([ name, value ]) => { if (value.length === 0) { @@ -83,7 +96,6 @@ jobs: return false; }); - if (missingSecrets.length > 0) { core.setFailed(`❌ At least one required secret is not set in the repository. \n` + "You can add it using:\n" + @@ -95,6 +107,7 @@ jobs: else { core.info(`✅ All the required secrets are set`); } + - name: Check out repository uses: actions/checkout@v3 @@ -107,18 +120,21 @@ jobs: uses: redhat-actions/openshift-tools-installer@v1 with: oc: 4 + - name: Login to Docker Hub uses: docker/login-action@v1 with: registry: '${{ env.DOCKER_ARTIFACTORY_REPO }}' username: '${{ secrets.DOCKER_HUB_USERNAME }}' password: '${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}' + - name: Login to REDHAT uses: docker/login-action@v1 with: registry: '${{ env.REDHAT_REGISTRY }}' username: '${{ secrets.REDHAT_REGISTRY_USERNAME }}' password: '${{ secrets.REDHAT_REGISTRY_PASSWORD }}' + - name: Check out repository run: git clone '${{ env.SOURCE_REPOSITORY }}' @@ -132,6 +148,7 @@ jobs: tags: ${{ env.TAG }} env_vars: | DOTNET_STARTUP_PROJECT=${{env.DOTNET_STARTUP_PROJECT}} + - name: Setup and Build ecas api id: build-image-api uses: redhat-actions/s2i-build@v2 @@ -140,6 +157,7 @@ jobs: builder_image: registry.redhat.io/rhel8/dotnet-60 image: '${{env.APP_NAME_API }}' tags: ${{ env.TAG }} + - name: Setup and Build Frontend id: build-image-frontend uses: redhat-actions/s2i-build@v2 @@ -148,6 +166,7 @@ jobs: builder_image: registry.redhat.io/rhscl/php-73-rhel7 image: '${{env.APP_NAME_FRONTEND }}' tags: ${{ env.TAG }} + - name: Login to Docker Hub uses: docker/login-action@v1 with: @@ -156,10 +175,7 @@ jobs: password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: List docker images run: docker images - - - - + - name: Push frontend to registry id: push-image-frontend uses: redhat-actions/push-to-registry@v2 @@ -169,6 +185,7 @@ jobs: registry: ${{ env.IMAGE_REGISTRY }} username: ${{ env.IMAGE_REGISTRY_USER }} password: ${{ env.IMAGE_REGISTRY_PASSWORD }} + - name: Push api to registry id: push-image-api uses: redhat-actions/push-to-registry@v2 @@ -178,6 +195,7 @@ jobs: registry: ${{ env.IMAGE_REGISTRY }} username: ${{ env.IMAGE_REGISTRY_USER }} password: ${{ env.IMAGE_REGISTRY_PASSWORD }} + - name: Push cas to registry id: push-image-cas uses: redhat-actions/push-to-registry@v2 @@ -187,7 +205,6 @@ jobs: registry: ${{ env.IMAGE_REGISTRY }} username: ${{ env.IMAGE_REGISTRY_USER }} password: ${{ env.IMAGE_REGISTRY_PASSWORD }} - - uses: actions/checkout@v3 - name: Deploy @@ -219,65 +236,31 @@ jobs: oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV }} ${{ steps.push-image-frontend.outputs.registry-path }} ${{ env.REPO_NAME }}-frontend:${{ env.TAG }} - echo "Frontend tag success" oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV }} ${{ steps.push-image-api.outputs.registry-path }} ${{env.REPO_NAME }}-api:${{ env.TAG }} - - echo "Ecas API tag success" + + oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV }} ${{ steps.push-image-cas.outputs.registry-path }} ${{env.REPO_NAME }}-cas-api:${{ env.TAG }} - - echo "CAS API tag success" + curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/openshift/update-configmap.sh | bash /dev/stdin "${{ env.REPO_NAME }}" "${{ env.OPENSHIFT_NAMESPACE_DEV }}" "${{env.APP_DEBUG}}" "${{env.DOCUMENTROOT}}" "${{ env.DYNAMICSBASEURL}}" "${{env.ASPNETCORE_ENVIRONMENT}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL}}" "${{env.ASPNETCORE_ENVIRONMENT_CAS}}" "${{env.CAS_API_SERVER}}" "${{env.CAS_TOKEN_URI}}" "${{env.CAS_INVOICE_URI}}" + # Process and apply deployment template - oc process -f ./openshift/templates/ecas-frontend/frontend.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE}}\ + oc process -f ./openshift/templates/ecas-frontend/frontend.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE}} -p CA_CERT="${{ env.CA_CERT }}" -p CERTIFICATE="${{ env.CERTIFICATE }}" -p PRIVATE_KEY="${{ env.PRIVATE_KEY }}"\ | oc apply -f - - oc process -f ./openshift/templates/ecas-api/api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE }} -p ASPNETCORE_ENVIRONMENT=${{ env.ASPNETCORE_ENVIRONMENT }}\ + oc process -f ./openshift/templates/ecas-api/api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE }}\ | oc apply -f - - + oc process -f ./openshift/templates/cas-api/cas-api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE }}\ | oc apply -f - - - - - - # Start rollout (if necessary) and follow it - - - oc rollout latest dc/${{ env.APP_NAME_FRONTEND }} 2> /dev/null \ - || true && echo "Rollout Front End in progress" - - oc rollout latest dc/${{ env.APP_NAME_API }} 2> /dev/null \ - - || true && echo "Rollout ECAS API in progress" - - oc rollout latest dc/${{ env.APP_NAME_CAS }} 2> /dev/null \ - - || true && echo "Rollout CAS API in progress" - - oc logs dc/${{ env.APP_NAME_FRONTEND }} - - oc logs dc/${{ env.APP_NAME_API }} - - oc logs dc/${{ env.APP_NAME_CAS }} - - # Get status, returns 0 if rollout is successful - - oc rollout status dc/${{ env.APP_NAME_FRONTEND }} - - oc rollout status dc/${{ env.APP_NAME_API }} - - oc rollout status dc/${{ env.APP_NAME_CAS }} - - - name: ZAP Scan uses: zaproxy/action-full-scan@v0.7.0 with: diff --git a/openshift/templates/cas-api/cas-api.dc.yaml b/openshift/templates/cas-api/cas-api.dc.yaml index 29a4c41b2..1e9d0aed1 100644 --- a/openshift/templates/cas-api/cas-api.dc.yaml +++ b/openshift/templates/cas-api/cas-api.dc.yaml @@ -4,15 +4,15 @@ metadata: name: "cas-api-dc" - creationTimestamp: objects: - apiVersion: v1 kind: DeploymentConfig metadata: - - creationTimestamp: labels: app: "${APP_NAME}" + name: "cas-api" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "cas-api" spec: replicas: ${{MIN_REPLICAS}} @@ -24,8 +24,6 @@ type: Rolling template: metadata: - - creationTimestamp: labels: app: "${APP_NAME}" deploymentconfig: "cas-api" @@ -33,22 +31,28 @@ containers: - image: image-registry.openshift-image-registry.svc:5000/${NAMESPACE}/${REPO_NAME}-cas-api:${TAG} imagePullPolicy: Always - - - name: "cas-api" env: - name: ASPNETCORE_ENVIRONMENT - value: ${ASPNETCORE_ENVIRONMENT} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: ASPNETCORE_ENVIRONMENT_CAS - name: CAS_API_SERVER - value: ${CAS_API_SERVER} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: CAS_API_SERVER - name: CAS_TOKEN_URI - value: ${CAS_TOKEN_URI} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: CAS_TOKEN_URI - name: CAS_INVOICE_URI - value: ${CAS_INVOICE_URI} - - - + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: CAS_INVOICE_URI ports: - containerPort: 8080 protocol: TCP @@ -65,9 +69,7 @@ httpGet: path: "/" port: 8080 - scheme: HTTP - - + scheme: HTTP resources: requests: cpu: "${MIN_CPU}" @@ -79,12 +81,34 @@ test: false triggers: - type: ConfigChange + - apiVersion: v1 + kind: Route + metadata: + name: "cas-api" + labels: + name: "cas-api" + app: ${APP_NAME} + app-group: ${APP_NAME} + spec: + host: ${APPLICATION_DOMAIN} + port: + targetPort: "8080-tcp" + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + to: + kind: Service + name: "cas-api" + weight: 100 + - apiVersion: v1 kind: Service metadata: - labels: app: "${APP_NAME}" + name: "cas-api" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "cas-api" spec: ports: @@ -96,15 +120,15 @@ app: "${APP_NAME}" deploymentconfig: "cas-api" - - - - - - apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: "cas-api-cpu-autoscaler" + labels: + template: "educ-${APP_NAME}-template" + app: "${APP_NAME}" + name: "cas-api" + app-group: "${APP_NAME}" spec: scaleTargetRef: apiVersion: apps.openshift.io/v1 @@ -155,23 +179,13 @@ - name: MAX_MEM description: The maximum amount of memory required: true + - name: APPLICATION_DOMAIN + displayName: Application Hostname + description: The exposed hostname that will route to the service, if left blank a value will be defaulted. + required: false + value: "" + - - name: ASPNETCORE_ENVIRONMENT - displayName: ASPNETCORE_ENVIRONMENT - required: true - value: "Production" - - name: CAS_API_SERVER - displayName: CAS_API_SERVER - required: true - value: "https://cfs-systws.cas.gov.bc.ca:7026" - - name: CAS_TOKEN_URI - displayName: CAS_TOKEN_URI - required: true - value: "/ords/cas/oauth/token" - - name: CAS_INVOICE_URI - displayName: CAS_INVOICE_URI - required: true - value: "/ords/cas/cfs/apinvoice/" diff --git a/openshift/templates/ecas-api/api.dc.yaml b/openshift/templates/ecas-api/api.dc.yaml index 7407535d8..d033fa0a6 100644 --- a/openshift/templates/ecas-api/api.dc.yaml +++ b/openshift/templates/ecas-api/api.dc.yaml @@ -9,10 +9,11 @@ - apiVersion: v1 kind: DeploymentConfig metadata: - - creationTimestamp: labels: app: "${APP_NAME}" + name: "${APP_NAME}-api" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "${APP_NAME}-api" spec: replicas: ${{MIN_REPLICAS}} @@ -24,8 +25,6 @@ type: Rolling template: metadata: - - creationTimestamp: labels: app: "${APP_NAME}" deploymentconfig: "${APP_NAME}-api" @@ -33,17 +32,23 @@ containers: - image: image-registry.openshift-image-registry.svc:5000/${NAMESPACE}/${REPO_NAME}-api:${TAG} imagePullPolicy: Always - - - name: "${APP_NAME}-api" env: - name: ASPNETCORE_ENVIRONMENT - value: ${ASPNETCORE_ENVIRONMENT} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: ASPNETCORE_ENVIRONMENT - name: DynamicsAuthenticationSettings__ActiveEnvironment - value: ${DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DynamicsAuthenticationSettings__ActiveEnvironment - name: DynamicsAuthenticationSettings__CloudWebApiUrl - value: ${DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DynamicsAuthenticationSettings__CloudWebApiUrl - name: ECasAPISecuritySettings__UserName valueFrom: secretKeyRef: @@ -55,9 +60,15 @@ name: ecas-api-credentials key: password - name: DynamicsAuthenticationSettings__CloudRedirectUrl - value: ${DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DynamicsAuthenticationSettings__CloudRedirectUrl - name: DynamicsAuthenticationSettings__CloudResourceUrl - value: ${DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DynamicsAuthenticationSettings__CloudResourceUrl - name: DynamicsAuthenticationSettings__CloudClientId valueFrom: secretKeyRef: @@ -79,10 +90,10 @@ name: ecas-api-credentials key: TenantId - name: DynamicsAuthenticationSettings__CloudBaseUrl - value: ${DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL} - - - + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DynamicsAuthenticationSettings__CloudBaseUrl ports: - containerPort: 8080 protocol: TCP @@ -100,8 +111,6 @@ path: "/api/environmentinformation" port: 8080 scheme: HTTP - - resources: requests: cpu: "${MIN_CPU}" @@ -113,12 +122,35 @@ test: false triggers: - type: ConfigChange + + - apiVersion: v1 + kind: Route + metadata: + name: "${APP_NAME}-api" + labels: + name: "${APP_NAME}-api" + app: ${APP_NAME} + app-group: ${APP_NAME} + spec: + host: ${APPLICATION_DOMAIN} + port: + targetPort: "${APP_NAME}-api" + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + to: + kind: Service + name: "${APP_NAME}-api" + weight: 100 + - apiVersion: v1 kind: Service metadata: - labels: app: "${APP_NAME}" + name: "${APP_NAME}-api" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "${APP_NAME}-api" spec: ports: @@ -129,15 +161,14 @@ selector: app: "${APP_NAME}" deploymentconfig: "${APP_NAME}-api" - - - - - - - apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: + labels: + template: "educ-${APP_NAME}-template" + app: "${APP_NAME}" + name: "${APP_NAME}-api" + app-group: "${APP_NAME}" name: "${APP_NAME}-api-cpu-autoscaler" spec: scaleTargetRef: @@ -154,6 +185,7 @@ target: type: Utilization averageUtilization: 90 + parameters: - name: REPO_NAME description: Application repository name @@ -189,28 +221,11 @@ - name: MAX_MEM description: The maximum amount of memory required: true - - name: ASPNETCORE_ENVIRONMENT - displayName: ASPNETCORE_ENVIRONMENT - required: true - - name: DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT - displayName: DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT - required: true - value: Cloud - - name: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL - displayName: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL - required: true - value: https://ecasdev.api.crm3.dynamics.com/api/data/v9.2/ - - name: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL - displayName: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL - required: true - value: https://localhost - - name: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL - displayName: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL - required: true - value: https://ecasdev.crm3.dynamics.com/api/data/ - - name: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL - displayName: DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL - required: true - value: https://ecasdev.api.crm3.dynamics.com + - name: APPLICATION_DOMAIN + displayName: Application Hostname + description: The exposed hostname that will route to the service, if left blank a value will be defaulted. + required: false + value: "" + diff --git a/openshift/templates/ecas-frontend/frontend.dc.yaml b/openshift/templates/ecas-frontend/frontend.dc.yaml index 106beaf40..bde770bc1 100644 --- a/openshift/templates/ecas-frontend/frontend.dc.yaml +++ b/openshift/templates/ecas-frontend/frontend.dc.yaml @@ -5,15 +5,16 @@ template: "${REPO_NAME}-template" metadata: name: "${REPO_NAME}-frontend-dc" - creationTimestamp: objects: - apiVersion: v1 kind: DeploymentConfig metadata: - creationTimestamp: labels: app: "${APP_NAME}" + name: "${APP_NAME}-frontend" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "${APP_NAME}-frontend" spec: replicas: ${{MIN_REPLICAS}} @@ -25,8 +26,6 @@ type: Rolling template: metadata: - - creationTimestamp: labels: app: "${APP_NAME}" deploymentconfig: "${APP_NAME}-frontend" @@ -34,17 +33,23 @@ containers: - image: image-registry.openshift-image-registry.svc:5000/${NAMESPACE}/${REPO_NAME}-frontend:${TAG} imagePullPolicy: Always - - - name: "${APP_NAME}-frontend" env: - name: APP_DEBUG - value: ${APP_DEBUG} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: APP_DEBUG - name: DYNAMICSBASEURL - value: ${DYNAMICSBASEURL} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DYNAMICSBASEURL - name: DOCUMENTROOT - value: ${DOCUMENTROOT} + valueFrom: + configMapKeyRef: + name: ${REPO_NAME}-config-map + key: DOCUMENTROOT - name: DYNAMICS_USERNAME valueFrom: secretKeyRef: @@ -79,11 +84,7 @@ valueFrom: secretKeyRef: name: ecas-frontend - key: API_KEY - - - - + key: API_KEY ports: - containerPort: 8080 protocol: TCP @@ -101,8 +102,6 @@ path: "/" port: 8080 scheme: HTTP - - resources: requests: cpu: "${MIN_CPU}" @@ -110,16 +109,63 @@ limits: cpu: "${MAX_CPU}" memory: "${MAX_MEM}" - test: false triggers: - type: ConfigChange + + - apiVersion: v1 + kind: Route + metadata: + name: "${APP_NAME}-frontend" + labels: + name: "${APP_NAME}-frontend" + app: ${APP_NAME} + app-group: ${APP_NAME} + spec: + host: ${APPLICATION_DOMAIN} + port: + targetPort: "${APP_NAME}-frontend" + tls: + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + to: + kind: Service + name: "${APP_NAME}-frontend" + weight: 100 + + - apiVersion: v1 + kind: Route + metadata: + name: "dev-workwitheducation" + labels: + name: "${APP_NAME}-frontend" + app: ${APP_NAME} + app-group: ${APP_NAME} + spec: + host: ${HOST_ROUTE} + port: + targetPort: "${APP_NAME}-frontend" + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + caCertificate: "${CA_CERT}" + certificate: "${CERTIFICATE}" + key: "${PRIVATE_KEY}" + to: + kind: Service + name: "${APP_NAME}-frontend" + weight: 100 + + - apiVersion: v1 kind: Service metadata: - labels: app: "${APP_NAME}" + name: "${APP_NAME}-frontend" + app-group: "${APP_NAME}" + template: "educ-${APP_NAME}-template" name: "${APP_NAME}-frontend" spec: ports: @@ -131,14 +177,14 @@ app: "${APP_NAME}" deploymentconfig: "${APP_NAME}-frontend" - - - - - - apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: + labels: + template: "educ-${APP_NAME}-template" + app: "${APP_NAME}" + name: "${APP_NAME}-frontend" + app-group: "${APP_NAME}" name: "${APP_NAME}-frontend-cpu-autoscaler" spec: scaleTargetRef: @@ -159,7 +205,6 @@ - name: REPO_NAME description: Application repository name required: true - - name: NAMESPACE description: Target namespace reference (i.e. 'k8vopl-dev') required: true @@ -190,20 +235,30 @@ - name: MAX_MEM description: The maximum amount of memory required: true - - name: APP_DEBUG displayName: Application Debug required: true - value: "false" + value: "FALSE" - name: DOCUMENTROOT displayName: Document Root required: true value: "/public" - - name: DYNAMICSBASEURL displayName: Dynamics API description: The endpoint for the internal Dynamics API component. required: true - value: "http://ecas-api:8080/api" - - + value: "http://ecas-api:8080/api" + - name: APPLICATION_DOMAIN + displayName: Application Hostname + description: The exposed hostname that will route to the service, if left blank a value will be defaulted. + required: false + value: "" + - name: CA_CERT + description: The minimum amount of replicas + required: true + - name: CERTIFICATE + description: The minimum amount of replicas + required: true + - name: PRIVATE_KEY + description: The minimum amount of replicas + required: true diff --git a/openshift/update-configmap.sh b/openshift/update-configmap.sh new file mode 100644 index 000000000..960720373 --- /dev/null +++ b/openshift/update-configmap.sh @@ -0,0 +1,46 @@ +########################################################### +#ENV VARS +########################################################### +REPO_NAME=$1 +NAMESPACE=$2 +APP_DEBUG=$3 +DOCUMENTROOT=$4 +DYNAMICSBASEURL=$5 + +ASPNETCORE_ENVIRONMENT=$6 +DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT=$7 +DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL=$8 +DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL=$9 +DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL=${10} +DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL=${11} + +ASPNETCORE_ENVIRONMENT_CAS=${12} +CAS_API_SERVER=${13} +CAS_TOKEN_URI=${14} +CAS_INVOICE_URI=${15} + +########################################################### +#Setup for config-maps +########################################################### +echo Creating config map "$REPO_NAME"-config-map +oc create configmap "$REPO_NAME"-config-map \ + --from-literal=APP_DEBUG="$APP_DEBUG" \ + --from-literal=DOCUMENTROOT="$DOCUMENTROOT" \ + --from-literal=DYNAMICSBASEURL="$DYNAMICSBASEURL" \ + --from-literal=ASPNETCORE_ENVIRONMENT="$ASPNETCORE_ENVIRONMENT" \ + --from-literal=DynamicsAuthenticationSettings__ActiveEnvironment="$DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT" \ + --from-literal=DynamicsAuthenticationSettings__CloudWebApiUrl="$DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL" \ + --from-literal=DynamicsAuthenticationSettings__CloudRedirectUrl="$DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL" \ + --from-literal=DynamicsAuthenticationSettings__CloudResourceUrl="$DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL" \ + --from-literal=DynamicsAuthenticationSettings__CloudBaseUrl="$DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL" \ + --from-literal=ASPNETCORE_ENVIRONMENT_CAS="$ASPNETCORE_ENVIRONMENT_CAS" \ + --from-literal=CAS_API_SERVER="$CAS_API_SERVER" \ + --from-literal=CAS_TOKEN_URI="$CAS_TOKEN_URI" \ + --from-literal=CAS_INVOICE_URI="$CAS_INVOICE_URI" \ + --dry-run=client -o yaml | oc apply -f - + +echo Creating config map "$REPO_NAME"-flb-sc-config-map +oc create configmap "$REPO_NAME"-flb-sc-config-map \ + --from-literal=fluent-bit.conf="$FLB_CONFIG" \ + --from-literal=parsers.conf="$PARSER_CONFIG" \ + --dry-run=client -o yaml | oc apply -f -