Merge pull request #191 from bcgov/deploymentconfigs-to-deployments

Convert DeploymentConfigs to Deployments

Author: trev-dev

.github/workflows/build.from.master.branch.deploy.to.dev.yml

@@ -5,9 +5,7 @@ env:
   OPENSHIFT_NAMESPACE_DEV: '${{ secrets.ECAS_NAMESPACE_NO_ENV }}-dev'
   REDHAT_REGISTRY_USERNAME: '${{ secrets.REDHAT_REGISTRY_USERNAME }}'
   REDHAT_REGISTRY_PASSWORD: '${{ secrets.REDHAT_REGISTRY_PASSWORD }}'
- 
-  
- 
+
   SOURCE_REPOSITORY: 'https://github.com/bcgov/EDUC-HUB.git'
   DOTNET_STARTUP_PROJECT: 'CASInterfaceService/cas-interface-service.csproj'
   IMAGE_REGISTRY: 'ghcr.io/${{ github.repository_owner }}'
@@ -17,7 +15,7 @@ env:
   APP_NAME_API: ecas-api
   APP_NAME_CAS: cas-api
   REDHAT_REGISTRY: https://registry.redhat.io
- 
+
   DOCKER_ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca/docker-remote
   ARTIFACTORY_REPO: artifacts.developer.gov.bc.ca
   APP_NAME: ecas
@@ -48,7 +46,7 @@ env:
   CAS_API_SERVER: ${{ secrets.CAS_API_SERVER }}
   CAS_TOKEN_URI: /ords/cas/oauth/token
   CAS_INVOICE_URI: /ords/cas/cfs/apinvoice/
-  
+
   HOST_ROUTE: '${{ secrets.SITE_URL }}'
   BRANCH: "master"
 
@@ -57,7 +55,6 @@ env:
   PRIVATE_KEY: ${{ secrets.PRIV_KEY }}
   TRUSTED_CA_BUNDLE: ${{ secrets.TRUSTED_CA_BUNDLE }}
   ENV: "dev"
-  
 
 on:
   workflow_dispatch:
@@ -116,12 +113,12 @@ jobs:
 
       - name: Check out repository
         uses: actions/checkout@v3
-      
+
       - name: Determine image tags
         if: env.TAG == ''
         run: |
           echo "TAG=latest ${GITHUB_SHA::12}" | tee -a $GITHUB_ENV
-   
+
       - name: Install oc
         uses: redhat-actions/openshift-tools-installer@v1
         with:
@@ -211,77 +208,101 @@ jobs:
           registry: ${{ env.IMAGE_REGISTRY }}
           username: ${{ env.IMAGE_REGISTRY_USER }}
           password: ${{ env.IMAGE_REGISTRY_PASSWORD }}
-     
+
       - name: Deploy
-        run: >
+        run: |
           set -eux
 
           # Login to OpenShift and select project
-          
-          oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{
-          env.OPENSHIFT_SERVER }}
 
+          oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }}
           oc project ${{ env.OPENSHIFT_NAMESPACE_DEV  }}
 
           # Cancel any rollouts in progress
-
           oc rollout cancel dc/${{ env.APP_NAME_FRONTEND }} 2> /dev/null || true && echo "No rollout in progress"
-
           oc rollout cancel dc/${{ env.APP_NAME_API }} 2> /dev/null || true && echo "No ecas api rollout in progress"
-
           oc rollout cancel dc/${{ env.APP_NAME_CAS }} 2> /dev/null  || true && echo "No cas api rollout in progress"
 
-
           # Create the image stream if it doesn't exist
-
           oc create imagestream ${{ env.REPO_NAME }}-frontend> /dev/null || true && echo "Frontend image stream in place"
           oc create imagestream ${{ env.REPO_NAME }}-api> /dev/null || true && echo "Ecas API image stream in place"
           oc create imagestream ${{ env.REPO_NAME }}-cas-api> /dev/null || true && echo "CAS API  image stream in place"
 
+          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }} ${{ steps.push-image-frontend.outputs.registry-path }} ${{ env.REPO_NAME }}-frontend:${{ env.TAG }}
+          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }} ${{ steps.push-image-api.outputs.registry-path }} ${{ env.REPO_NAME }}-api:${{ env.TAG }}
+          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }} ${{ steps.push-image-cas.outputs.registry-path }} ${{ env.REPO_NAME }}-cas-api:${{ env.TAG }}
+
+          curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/openshift/update-configmap.sh \
+            | bash /dev/stdin \
+              "${{ env.REPO_NAME }}" \
+              "${{ env.APP_DEBUG }}" \
+              "${{ env.DOCUMENTROOT }}" \
+              "${{ env.DYNAMICSBASEURL }}" \
+              "${{ env.ASPNETCORE_ENVIRONMENT }}" \
+              "${{ env.DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT }}" \
+              "${{ env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL }}" \
+              "${{ env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL }}" \
+              "${{ env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL }}" \
+              "${{ env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL }}" \
+              "${{ env.ASPNETCORE_ENVIRONMENT_CAS }}" \
+              "${{ env.CAS_API_SERVER }}" \
+              "${{ env.CAS_TOKEN_URI }}" \
+              "${{ env.CAS_INVOICE_URI }}" \
+              "${{ env.TRUSTED_CA_BUNDLE }}"
 
-          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }}   ${{ steps.push-image-frontend.outputs.registry-path }}  ${{ env.REPO_NAME }}-frontend:${{ env.TAG }}
-
-
-          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }}   ${{ steps.push-image-api.outputs.registry-path }}   ${{env.REPO_NAME }}-api:${{ env.TAG }}
-          
-          
-          
-          oc tag -n ${{ env.OPENSHIFT_NAMESPACE_DEV  }}   ${{ steps.push-image-cas.outputs.registry-path }}   ${{env.REPO_NAME }}-cas-api:${{ env.TAG }}
-
-          curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/openshift/update-configmap.sh | bash /dev/stdin  "${{ env.REPO_NAME }}" "${{env.APP_DEBUG}}" "${{env.DOCUMENTROOT}}" "${{ env.DYNAMICSBASEURL}}" "${{env.ASPNETCORE_ENVIRONMENT}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__ACTIVEENVIRONMENT}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDWEBAPIURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDREDIRECTURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDRESOURCEURL}}" "${{env.DYNAMICSAUTHENTICATIONSETTINGS__CLOUDBASEURL}}" "${{env.ASPNETCORE_ENVIRONMENT_CAS}}" "${{env.CAS_API_SERVER}}" "${{env.CAS_TOKEN_URI}}" "${{env.CAS_INVOICE_URI}}" "${{ env.TRUSTED_CA_BUNDLE }}"
-          
-          
           # Process and apply deployment template
-          
-          oc process -f ./openshift/templates/ecas-frontend/frontend.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }}  -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE}}  -p CA_CERT="${{ env.CA_CERT }}" -p CERTIFICATE="${{ env.CERTIFICATE }}" -p PRIVATE_KEY="${{ env.PRIVATE_KEY }}" -p ENV="${{env.ENV}}"| oc apply -f -
-
-
-
-          oc process -f ./openshift/templates/ecas-api/api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }} -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE }}\
-          | oc apply -f -
-          
-          
-          oc process -f ./openshift/templates/cas-api/cas-api.dc.yaml -p APP_NAME=${{ env.APP_NAME }} -p REPO_NAME=${{ env.REPO_NAME }}  -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} -p TAG=${{ env.TAG }} -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} -p MIN_CPU=${{ env.MIN_CPU }} -p MAX_CPU=${{ env.MAX_CPU }} -p MIN_MEM=${{ env.MIN_MEM }} -p MAX_MEM=${{ env.MAX_MEM }} -p HOST_ROUTE=${{ env.HOST_ROUTE }}\
-          | oc apply -f -
-          
-
-           # Start rollout (if necessary) and follow it
-
+          oc process -f ./openshift/templates/ecas-frontend/frontend.dc.yaml \
+            -p APP_NAME=${{ env.APP_NAME }} \
+            -p REPO_NAME=${{ env.REPO_NAME }} \
+            -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} \
+            -p TAG=${{ env.TAG }} \
+            -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
+            -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
+            -p MIN_CPU=${{ env.MIN_CPU }} \
+            -p MAX_CPU=${{ env.MAX_CPU }} \
+            -p MIN_MEM=${{ env.MIN_MEM }} \
+            -p MAX_MEM=${{ env.MAX_MEM }} \
+            -p HOST_ROUTE=${{ env.HOST_ROUTE}} \
+            -p CA_CERT="${{ env.CA_CERT }}" \
+            -p CERTIFICATE="${{ env.CERTIFICATE }}" \
+            -p PRIVATE_KEY="${{ env.PRIVATE_KEY }}" \
+            -p ENV="${{env.ENV}}" | oc apply -f -
+
+          oc process -f ./openshift/templates/ecas-api/api.dc.yaml \
+            -p APP_NAME=${{ env.APP_NAME }} \
+            -p REPO_NAME=${{ env.REPO_NAME }} \
+            -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} \
+            -p TAG=${{ env.TAG }} \
+            -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
+            -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
+            -p MIN_CPU=${{ env.MIN_CPU }} \
+            -p MAX_CPU=${{ env.MAX_CPU }} \
+            -p MIN_MEM=${{ env.MIN_MEM }} \
+            -p MAX_MEM=${{ env.MAX_MEM }} \
+            -p HOST_ROUTE=${{ env.HOST_ROUTE }} | oc apply -f -
+
+          oc process -f ./openshift/templates/cas-api/cas-api.dc.yaml \
+            -p APP_NAME=${{ env.APP_NAME }} \
+            -p REPO_NAME=${{ env.REPO_NAME }} \
+            -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE_DEV }} \
+            -p TAG=${{ env.TAG }} \
+            -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
+            -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
+            -p MIN_CPU=${{ env.MIN_CPU }} \
+            -p MAX_CPU=${{ env.MAX_CPU }} \
+            -p MIN_MEM=${{ env.MIN_MEM }} \
+            -p MAX_MEM=${{ env.MAX_MEM }} \
+            -p HOST_ROUTE=${{ env.HOST_ROUTE }} | oc apply -f -
+
+          # Restart deployments to pick up new images and follow rollout status
+          oc rollout restart deployment/${{ env.APP_NAME_FRONTEND }} && echo "Rollout Front End in progress"
+          oc rollout restart deployment/${{ env.APP_NAME_API }} && echo "Rollout ECAS API  in progress"
+          oc rollout restart deployment/${{ env.APP_NAME_CAS }} && echo "Rollout CAS API in progress"
 
-          oc rollout latest dc/${{ env.APP_NAME_FRONTEND }} 2> /dev/null || true && echo "Rollout Front End in progress"
-
-          oc rollout latest dc/${{ env.APP_NAME_API }} 2> /dev/null || true && echo "Rollout ECAS API  in progress"
-
-          oc rollout latest dc/${{ env.APP_NAME_CAS }} 2> /dev/null || true && echo "Rollout CAS API in progress"
-          
           # Get status, returns 0 if rollout is successful
-
-          oc rollout status dc/${{ env.APP_NAME_FRONTEND }}
-
-          oc rollout status dc/${{ env.APP_NAME_API }}
-
-          oc rollout status dc/${{ env.APP_NAME_CAS }}
-
+          oc rollout status deployment/${{ env.APP_NAME_FRONTEND }}
+          oc rollout status deployment/${{ env.APP_NAME_API }}
+          oc rollout status deployment/${{ env.APP_NAME_CAS }}
 
       - name: ZAP Scan (action, fail on alerts)
         uses: zaproxy/action-full-scan@v0.12.0

.github/workflows/create_tag.yml

@@ -1,8 +1,6 @@
 name: Create Tag
 
 env:
-
-
   OPENSHIFT_SERVER: '${{ secrets.OPENSHIFT_SERVER }}'
   OPENSHIFT_TOKEN: '${{ secrets.OPENSHIFT_TOKEN }}'
   OPENSHIFT_NAMESPACE_DEV: '${{ secrets.ECAS_NAMESPACE_NO_ENV }}-dev'
@@ -22,15 +20,11 @@ on:
         description: 'Version Number'
         required: true
 
-
-
 jobs:
   tag_image:
     name: Tag Image
     runs-on: ubuntu-24.04
     environment: dev
-
-  
     steps:
       - name: Check out repository
         uses: actions/checkout@v2
@@ -45,8 +39,6 @@ jobs:
               ref: 'refs/tags/${{ github.event.inputs.version }}',
               sha: context.sha
             })
-        
-
       - name: Install oc
         uses: redhat-actions/openshift-tools-installer@v1
         with:
@@ -57,9 +49,9 @@ jobs:
       - name: Tag in OpenShift
         run: |
           set -eux
-   
+
           # Login to OpenShift and select project
-          
+
           oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{
           env.OPENSHIFT_SERVER }}