feat: veracode-discovery prod pipeline
babuharidass11 committed Apr 23, 2024
1 parent b82e5e0 commit 45c3b23
Showing 5 changed files with 84 additions and 40 deletions.
15 changes: 10 additions & 5 deletions .github/actions/cloud-platform-deploy/action.yml
@@ -29,6 +29,12 @@ runs:
steps:
- uses: actions/checkout@v3

- name: Get environment details
uses: ./.github/actions/get-env-details
id: env
with:
environment: ${{ inputs.environment }}

- name: Authenticate
uses: ./.github/actions/cloud-platform-auth
with:
@@ -43,10 +49,9 @@ runs:
run: |
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
brew install helm
cd helm_deploy/${{ github.event.repository.name }}
yq -i ".appVersion = \"${{ inputs.version }}\"" "Chart.yaml"
helm dependency update .
exec helm upgrade '${{ github.event.repository.name }}' . \
yq -i ".appVersion = \"${{ inputs.version }}\"" "helm_deploy/${{ github.event.repository.name }}/Chart.yaml"
helm dependency update "helm_deploy/${{ github.event.repository.name }}"
exec helm upgrade '${{ github.event.repository.name }}' 'helm_deploy/${{ github.event.repository.name }}' \
--atomic \
--history-max 10 \
--force \
@@ -55,5 +60,5 @@ runs:
--set 'generic-service.image.tag=${{ inputs.version }}' \
--set 'version=${{ inputs.version }}' \
--timeout 10m \
--values '../values-${{ inputs.environment }}.yaml' \
--values 'helm_deploy/${{ steps.env.outputs.values-file }}' \
--wait
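Review bot: The rewritten `yq` line still expands `${{ inputs.version }}` into the script text inside a double-quoted shell string, so bash parses the value before yq ever sees it, and `version` is a free-form string input in deploy.yml. Binding it under the step's `env:` as `VERSION: ${{ inputs.version }}` and writing `yq -i '.appVersion = strenv(VERSION)' "helm_deploy/…/Chart.yaml"` keeps the value as data; the `--set` arguments that embed the same expression would read `"generic-service.image.tag=$VERSION"` in the same way. The step's header lies outside the visible hunks, so the `env:` key would have to be added there.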
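--- a/.github/actions/get-env-details/action.yml
+++ b/.github/actions/get-env-details/action.yml
@@ -0,0 +1,29 @@
+name: Get environment details
+description: Map the GitHub environment name to the corresponding Namespace environment details
+
+inputs:
+environment:
+description: GitHub environment name
+required: true
+
+outputs:
+values-file:
+description: The filename for the values file containing environment configuration
+value: ${{ steps.cloud-platform.outputs.values-file }}
+cloud-platform-namespace:
+description: The name of the corresponding Cloud Platform namespace
+value: ${{ steps.cloud-platform.outputs.namespace }}
+
+runs:
+using: "composite"
+steps:
+- uses: actions/checkout@v4
+
+- name: Map GitHub environment to Cloud Platform namespace
+id: cloud-platform
+shell: bash
+run: |
+if [ '${{ inputs.environment }}' == 'development' ]; then namespace='dev'; fi
+if [ '${{ inputs.environment }}' == 'production' ]; then namespace='prod'; fi
+echo "namespace=${namespace}" | tee -a "$GITHUB_OUTPUT"
+echo "values-file=values-${namespace}.yaml" | tee -a "$GITHUB_OUTPUT"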
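Review bot: The mapping step has no fallback branch, so any `environment` other than `development` or `production` leaves `namespace` unset and the step still succeeds, emitting `namespace=` and `values-file=values-.yaml`. The mistake then surfaces only later, in the helm step, as a missing values file. The input is also expanded by `${{ }}` straight into the script text; passing it through `env:` and reading a shell variable keeps the value out of the script source. A `case` with a failing default covers both points.

```yaml
- name: Map GitHub environment to Cloud Platform namespace
  id: cloud-platform
  shell: bash
  env:
    ENVIRONMENT: ${{ inputs.environment }}
  run: |
    case "$ENVIRONMENT" in
      development) namespace='dev' ;;
      production) namespace='prod' ;;
      *) echo "::error::Unsupported environment: $ENVIRONMENT"; exit 1 ;;
    esac
    # … unchanged: the two echo … | tee -a "$GITHUB_OUTPUT" lines …
```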
4 changes: 0 additions & 4 deletions .github/workflows/build.yml
@@ -1,9 +1,5 @@
name: Build

permissions:
packages: write
contents: read

on:
workflow_call:
inputs:
39 changes: 17 additions & 22 deletions .github/workflows/deploy.yml
@@ -2,13 +2,9 @@ name: Deploy

on:
workflow_call:
inputs:
github_environment:
description: The name of the github environment for deployment secrets
type: string
required: true
inputs:
environment:
description: The name of the environment to deploy to
description: The name of the environment to deploy to (dev/prod)
type: string
required: true
version:
@@ -18,19 +14,13 @@ on:

workflow_dispatch:
inputs:
github_environment:
description: The name of the github environment for deployment secrets
type: choice
required: true
options:
- development
- production
environment:
description: Environment
type: choice
required: true
options:
- dev
- development
- production
version:
description: Image version
type: string
@@ -41,18 +31,23 @@ jobs:
runs-on: ubuntu-latest
strategy:
fail-fast: false

environment:
name: ${{ inputs.github_environment }}
name: ${{ inputs.environment }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/get-env-details
id: env
with:
environment: ${{ inputs.environment }}

- name: Deploy to Cloud Platform
- name: Deploy to Platform
uses: ./.github/actions/cloud-platform-deploy
with:
environment: ${{ inputs.environment }}
version: ${{ inputs.version }}
api: https://${{ secrets.DEVELOPMENT_KUBE_CLUSTER }}
cert: ${{ secrets.DEVELOPMENT_KUBE_CERT }}
cluster: ${{ secrets.DEVELOPMENT_KUBE_CLUSTER }}
namespace: ${{ secrets.DEVELOPMENT_KUBE_NAMESPACE }}
token: ${{ secrets.DEVELOPMENT_KUBE_TOKEN }}
api: https://${{ secrets.KUBE_CLUSTER }}
cert: ${{ secrets.KUBE_CERT }}
cluster: ${{ secrets.KUBE_CLUSTER }}
namespace: ${{ secrets.KUBE_NAMESPACE }}
token: ${{ secrets.KUBE_TOKEN }}
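Review bot: The new `workflow_call` description says `(dev/prod)`, but after this change the same input names the GitHub environment and is mapped by get-env-details, which only recognises `development` and `production`; it should read `The name of the GitHub environment to deploy to (development/production)`. Because the value now also selects which environment's `KUBE_*` secrets and protection rules apply to the job, a caller that follows the current description and passes `dev` would not land on the development environment. The `get-env-details` step added to this job (id `env`) has no visible consumer here, and cloud-platform-deploy runs the same action itself, so it looks redundant unless lines outside the hunk use its outputs.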
37 changes: 28 additions & 9 deletions .github/workflows/pipeline.yml
@@ -1,14 +1,23 @@
name: Pipeline

permissions:
packages: write
contents: read

on:
push:
branches:
- main
workflow_dispatch: # Can be triggered manually from a branch

workflow_dispatch:
inputs:
environment:
description: Environment
type: choice
required: true
options:
- development
- production
version:
description: Image version
type: string
required: true

jobs:
build:
@@ -17,13 +26,23 @@ jobs:
with:
push: true
secrets: inherit

deploy-to-dev:
deploy_to_dev:
name: Deploy to dev
uses: ./.github/workflows/deploy.yml
needs: build
with:
github_environment: development
environment: dev
environment: development
version: ${{ needs.build.outputs.version }}
secrets: inherit

deploy_to_prod:
name: Deploy to prod
uses: ./.github/workflows/deploy.yml
needs:
- build
- deploy_to_dev # wait for the deploy_to_dev job to complete
with:
environment: production
version: ${{ needs.build.outputs.version }}
secrets: inherit
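Review bot: The `environment` and `version` inputs added under `workflow_dispatch` are not read by any visible job: both deploy jobs hard-code their environment and take `version` from `needs.build.outputs.version`. A manual run with `development` selected therefore still continues into `deploy_to_prod` with `secrets: inherit`, gated only by whatever protection rules the production environment carries (not visible here). Either drop the inputs or guard the job, for example `if: github.event_name == 'push' || inputs.environment == 'production'` on `deploy_to_prod`. Separately, the workflow-level `permissions` block now applies to the deploy jobs too; declaring `packages: write` on the `build` job alone would leave the deploy jobs with a read-only token.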
