.github/workflows/main_build_deploy_dev.yml from bcgov/jag-document-utils

.github/workflows/main_build_deploy_dev.yml
Summary

Maintainability

Test Coverage

Issues
# This is the main workflow that creates a new image and push to Openshift image stream which in turn triggers the deployment

name: Main - Build Image and Push to Openshift Registry for Dev Deployment

# Controls when the workflow will run
on:
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
    inputs:
      app:
        description: 'App Name (jag-document-utils-api)'    
        required: true
        default: jag-document-utils-api
      env:
        type: choice
        description: Image Target environment
        options: 
        - dev    
        required: true
        default: 'dev'

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "build"
  build-push-image:
    # The type of runner that the job will run on
    runs-on: ubuntu-20.04
    environment: ${{ github.event.inputs.env }}

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - name: Git Checkout
        uses: actions/checkout@v3
      
      # Get Git latest short Sha# from the release branch used. This Sha# will be used in image tagging as well as DC Pod labelling.
      - name: Get git commit short sha
        id: sha
        run: |
          shortSha=$(echo $(git rev-parse --short HEAD) | cut -c1-7)
          echo "gitsha=$shortSha" >> $GITHUB_ENV
      
      # Prints vital release paramters used
      - name: Print Release Variables
        run: |
          echo "Release Application: ${{ github.event.inputs.app }}"
          echo "Release Environment: ${{ github.event.inputs.env }}"
          echo "Release Git Sha: ${{env.gitsha}}"
      
      #Build image jag-document-utils-api
      - name: Build image jag-document-utils-api
        env:
          COMPOSE_DOCKER_CLI_BUILD: 1
          DOCKER_BUILDKIT: 1
          APP: ${{github.event.inputs.app}}
          CONTEXT: ./src/document-utils-api
        run: |
          docker build \
          -t ${APP}:${{env.gitsha}} \
          --build-arg MVN_PROFILE=openshift \
          --build-arg SKIP_TESTS=true \
          ${CONTEXT}
      
      #Login to OpenShift Container Repository
      - name: Login to OpenShift Container Repository
        uses: docker/login-action@v2
        with:
          registry: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}}
          username: ${{secrets.OPENSHIFT_SA_USERNAME}}
          password: ${{secrets.OPENSHIFT_SA_PASSWORD}}

      #Push image jag-document-utils-api to OpenShift Image stream
      - name: Push Image jag-document-utils-api to Openshift Image Stream
        env:
          IMAGE: ${{secrets.OPENSHIFT_EXTERNAL_REPOSITORY}}/${{secrets.OPENSHIFT_TOOLS_NAMESPACE}}/${{github.event.inputs.app}}:${{ github.event.inputs.env }}
        run: |
          docker tag ${{github.event.inputs.app}}:${{env.gitsha}} ${IMAGE}
          docker push ${IMAGE}
      
      #Login to Openshift using OC SA and Token of respective env. for Pod labelling
      - name: Authenticate OC Env Specific SA
        uses: redhat-actions/oc-login@v1
        env:
          OPENSHIFT_NAMESPACE: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }}
          OPENSHIFT_USER: ${{secrets.OPENSHIFT_SA_Env_DEPLOYER_NAME}}
        with:
          openshift_server_url: ${{secrets.OPENSHIFT_SERVER_URL}}
          openshift_token: ${{secrets.OPENSHIFT_SA_ENV_DEPLOYER_TOKEN}}
          namespace: ${OPENSHIFT_NAMESPACE}
      
      # Labels the deployment config of the application with latest gitsha to spin up the pods labelled in same version
      - name: Labelling DC of jag-document-utils-api to latest gitsha
        env:
          appName: ${{github.event.inputs.app}}
          openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }}
        run: |
          oc patch dc ${appName} -n ${openshiftEnvNamespace} --patch '{"spec":{"template":{"metadata":{"labels":{"version":"${{ env.gitsha }}"}}}}}'
      
      # Wait to DC rollout of jag-document-utils-api to get completed
      - name: Wait for DC rollout of jag-document-utils-api
        env:
          appName: ${{github.event.inputs.app}}
          openshiftEnvNamespace: ${{secrets.OPENSHIFT_LICENSE_PLATE}}-${{ github.event.inputs.env }}
        run: |
          oc rollout status -n ${openshiftEnvNamespace} dc/${appName} --watch