Updates verify-pr logic (#303)

Sean Sundberg · web-flow · commit 2a3319d4bda7 · 2021-03-12T00:12:12.000-06:00
* Uses custom actions to verify iZero and updates parameters to actions 
* Adds scheduled workflow to verify master
* Adds badge to README and verify on push also
* Updates failing slack message

Signed-off-by: Sean Sundberg &lt;seansund@us.ibm.com&gt;
diff --git a/.github/scripts/validate-deploy.sh b/.github/scripts/validate-deploy.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+SCRIPT_DIR=$(cd $(dirname $0); pwd -P)
+
+export KUBECONFIG="${PWD}/.kube/config"
+
+set -e
+
+kubectl get pods -A
+
+kubectl get cm cloud-config -n default
+
+exit 0
diff --git a/.github/workflows/verify-master.yaml b/.github/workflows/verify-master.yaml
@@ -0,0 +1,60 @@
+name: Verify
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the main branch
+on:
+  push:
+    branches:
+    - master
+  schedule:
+    - cron: "0 7 * * *"
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    container: quay.io/ibmgaragecloud/cli-tools:v0.10.0-lite
+
+    strategy:
+      matrix:
+        platform: [ocp4_latest]
+      fail-fast: false
+
+    env:
+      HOME: /home/devops
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+
+      - name: Verify deploy on ${{ matrix.platform }}
+        uses: ibm-garage-cloud/action-module-verify-deploy@main
+        with:
+          clusterId: ${{ matrix.platform }}
+          validateDeployScript: .github/scripts/validate-deploy.sh
+          testStagesDir: ./terraform/stages
+        env:
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          IBMCLOUD_API_KEY: ${{ secrets.IBMCLOUD_API_KEY }}
+
+      - name: Verify destroy on ${{ matrix.platform }}
+        uses: ibm-garage-cloud/action-module-verify-destroy@main
+        if: ${{ always() }}
+        with:
+          clusterId: ${{ matrix.platform }}
+          testStagesDir: ./terraform/stages
+        env:
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          IBMCLOUD_API_KEY: ${{ secrets.IBMCLOUD_API_KEY }}
+
+      - name: Slack Notification
+        if: ${{ failure() }}
+        uses: rtCamp/action-slack-notify@v2.0.2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+          SLACK_USERNAME: "cntkBot"
+          SLACK_ICON_EMOJI: ":cloudwb:"
+          SLACK_TITLE: "iZero verify failed"
+          SLACK_MESSAGE: "Iteration Zero deploy verification failed"
+          MSG_MINIMAL: true
diff --git a/.github/workflows/verify-pr.yaml b/.github/workflows/verify-pr.yaml
@@ -1,93 +1,52 @@
 name: Verify PR
 
 # Controls when the action will run. Triggers the workflow on push or pull request
-# events but only for the master branch
+# events but only for the main branch
 on:
   pull_request:
     branches: [ master ]
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
   verify:
-    # The type of runner that the job will run on
     if: ${{ !contains( github.event.pull_request.labels.*.name, 'skip ci' ) }}
     runs-on: ubuntu-latest
     container: quay.io/ibmgaragecloud/cli-tools:v0.10.0-lite
 
     strategy:
       matrix:
-        platform: [ocp44_vpc]
+        platform: [ocp4_latest]
       #      max-parallel: 1
       fail-fast: false
 
     env:
       HOME: /home/devops
-      NAMESPACE: ${{ secrets.NAMESPACE }}
-      TF_VAR_tools_namespace: ${{ secrets.NAMESPACE }}
-      TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
-      IBMCLOUD_API_KEY: ${{ secrets.IBMCLOUD_API_KEY }}
-      TF_VAR_resource_group_name: ${{ secrets.TEST_RESOURCE_GROUP }}
-      TF_VAR_region: ${{ secrets.TEST_REGION }}
-      TF_VAR_cluster_name: ${{ secrets[format('TEST_CLUSTER_{0}', matrix.platform)] }}
-      TF_VAR_cluster_type: ${{ matrix.platform }}
-      TF_VAR_vpc_cluster: ${{ endswith(matrix.platform, 'vpc') }}
-      TF_VAR_logdna_exists: "true"
-      TF_VAR_sysdig_exists: "true"
-      TF_VAR_cluster_exists: "true"
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-      - name: Validate config
-        run: |
-          echo "Github sha: ${{ github.sha }}"
-          echo "Github ref: ${{ github.ref }}"
-          if [ -z "${NAMESPACE}" ]; then
-            echo "The NAMESPACE secret has not been set within the Git repo"
-            exit 1
-          fi
-
       - name: Checkout
         uses: actions/checkout@v1
 
-      # Setups up the task
-      - name: Setup ${{ matrix.platform }}
-        run: |
-          ls -lA
-          mkdir -p /tmp/workspace
-          cp -R ./terraform/scripts-workspace/* /tmp/workspace
-          cp -R ./terraform/stages/* /tmp/workspace
-          cp -R ./test/stages/* /tmp/workspace
-
-      # Deploy
-      - name: Deploy ${{ matrix.platform }}
-        run: |
-          cd /tmp/workspace
-          ./apply.sh
-
-      # Test deploy
-#      - name: Validate deploy ${{ matrix.platform }}
-#        run: |
-#          cd /tmp/workspace
-#          ./validate-deploy.sh ${{ matrix.platform }} ${{ env.NAMESPACE }}
-
-      # Destroy
-#      - name: Destroy ${{ matrix.platform }}
-#        run: |
-#          cd /tmp/workspace
-#          ./destroy.sh
+      - name: Verify deploy on ${{ matrix.platform }}
+        uses: ibm-garage-cloud/action-module-verify-deploy@main
+        with:
+          clusterId: ${{ matrix.platform }}
+          validateDeployScript: .github/scripts/validate-deploy.sh
+          testStagesDir: ./terraform/stages
+        env:
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          IBMCLOUD_API_KEY: ${{ secrets.IBMCLOUD_API_KEY }}
+
+      - name: Verify destroy on ${{ matrix.platform }}
+        uses: ibm-garage-cloud/action-module-verify-destroy@main
+        if: ${{ always() }}
+        with:
+          clusterId: ${{ matrix.platform }}
+          testStagesDir: ./terraform/stages
+        env:
+          TF_VAR_ibmcloud_api_key: ${{ secrets.IBMCLOUD_API_KEY }}
+          IBMCLOUD_API_KEY: ${{ secrets.IBMCLOUD_API_KEY }}
 
-      # Test destroy
-#      - name: Validate destroy ${{ matrix.platform }}
-#        run: |
-#          cd /tmp/workspace
-#          ./capture-cluster-state.sh ${{ matrix.platform }} $PWD/cluster-state/before $PWD/cluster-state/after
-#          if diff -q $PWD/cluster-state/before $PWD/cluster-state/after 1> /dev/null; then
-#            echo "Destroy completed successfully"
-#          else
-#            echo "Resources don't match"
-#            diff $PWD/cluster-state/before $PWD/cluster-state/after
-#            exit 1
-#          fi
   label:
     # The type of runner that the job will run on
     needs: verify
diff --git a/README.md b/README.md
@@ -2,6 +2,8 @@
 
 ![Latest release](https://img.shields.io/github/v/release/ibm-garage-cloud/ibm-garage-iteration-zero?sort=semver)
 
+![Verify workflow](https://github.com/ibm-garage-cloud/ibm-garage-iteration-zero/workflows/verify-master.yml/badge.svg)
+
 ## Iteration Zero for IBM Cloud
 
 This repository contains infrastructure as code (IasC) scripting to create an IBM Garage Cloud Native Toolkit 
