diff --git a/.github/workflows/build-push-clamav-client.yaml b/.github/workflows/build-push-clamav-client.yaml new file mode 100644 index 000000000..74e5b716e --- /dev/null +++ b/.github/workflows/build-push-clamav-client.yaml @@ -0,0 +1,101 @@ +name: clamav-client-build-and-push-dev + +on: + push: + branches: [master] + paths: + - "Java/README.md" + - "Java/clamav_client/**" + - .github/workflows/build-push-clamav-client.yaml + workflow_dispatch: + +env: + IMAGE_NAME: clamav + WORKING_DIRECTORY: Java/clamav_client + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}-client:dev . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}-client:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}-client:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag ccversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/ccversion: .*/ccversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} clamavclient image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-form-handler.yaml b/.github/workflows/build-push-form-handler.yaml new file mode 100644 index 000000000..1395a60d6 --- /dev/null +++ b/.github/workflows/build-push-form-handler.yaml @@ -0,0 +1,103 @@ +name: form-handler-build-and-push-dev + +on: + push: + branches: [master] + paths: + - python/*.py + - python/common/** + - python/form_handler/** + - .github/workflows/build-push-form-handler.yaml + - trigger.txt + workflow_dispatch: + +env: + IMAGE_NAME: form-handler + WORKING_DIRECTORY: ./python + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev -f form_handler/Dockerfile . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag fhversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/fhversion: .*/fhversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} formhandler image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-ingestor.yaml b/.github/workflows/build-push-ingestor.yaml new file mode 100644 index 000000000..3d742f7bc --- /dev/null +++ b/.github/workflows/build-push-ingestor.yaml @@ -0,0 +1,103 @@ +name: ingestor-build-and-push-dev + +on: + push: + branches: [master] + paths: + - python/*.py + - python/common/** + - python/form_handler/** + - .github/workflows/build-push-ingestor.yaml + - trigger.txt + workflow_dispatch: + +env: + IMAGE_NAME: ingestor + WORKING_DIRECTORY: ./python + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev -f ingestor/Dockerfile . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag iversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/iversion: .*/iversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} ingestor image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-mail-net.yaml b/.github/workflows/build-push-mail-net.yaml new file mode 100644 index 000000000..aa78df9a9 --- /dev/null +++ b/.github/workflows/build-push-mail-net.yaml @@ -0,0 +1,101 @@ +name: mailnet-build-and-push-dev + +on: + push: + branches: [master] + paths: + - "Java/README.md" + - "Java/mail-it/**" + - ".github/workflows/build-push-mail-net.yaml" + workflow_dispatch: + +env: + IMAGE_NAME: mail-net + WORKING_DIRECTORY: Java/mail-it/src + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag mnversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/mnversion: .*/mnversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} mailnet image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-paybc.yaml b/.github/workflows/build-push-paybc.yaml new file mode 100644 index 000000000..39f5091e7 --- /dev/null +++ b/.github/workflows/build-push-paybc.yaml @@ -0,0 +1,103 @@ +name: paybc-build-and-push-dev + +on: + push: + branches: [master] + paths: + - python/*.py + - python/common/** + - python/paybc_api/** + - .github/workflows/build-push-paybc.yaml + - trigger.txt + workflow_dispatch: + +env: + IMAGE_NAME: paybc + WORKING_DIRECTORY: ./python + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev -f paybc_api/Dockerfile . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag pbcversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/pbcversion: .*/pbcversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} paybc image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-validator.yaml b/.github/workflows/build-push-validator.yaml new file mode 100644 index 000000000..441fc5340 --- /dev/null +++ b/.github/workflows/build-push-validator.yaml @@ -0,0 +1,103 @@ +name: validator-build-and-push-dev + +on: + push: + branches: [master] + paths: + - python/*.py + - python/common/** + - python/validator/** + - .github/workflows/build-push-validator.yaml + - trigger.txt + workflow_dispatch: + +env: + IMAGE_NAME: validator + WORKING_DIRECTORY: ./python + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev -f validator/Dockerfile . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag vversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/vversion: .*/vversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} validator image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-web-form.yaml b/.github/workflows/build-push-web-form.yaml new file mode 100644 index 000000000..60a9760d8 --- /dev/null +++ b/.github/workflows/build-push-web-form.yaml @@ -0,0 +1,101 @@ +name: web-form-build-and-push-dev + +on: + push: + branches: [master] + paths: + - .github/workflows/build-push-web-form.yaml + - "Java/README.md" + - "web_app/**" + workflow_dispatch: + +env: + IMAGE_NAME: web-form + WORKING_DIRECTORY: ./web_app + REPO_KEY: af03 + BRANCH_NAME: develop + VALUES_FILE: dev + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Dev Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag wfversion: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/wfversion: .*/wfversion: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} webform image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/build-push-writer.yaml b/.github/workflows/build-push-writer.yaml new file mode 100644 index 000000000..6216c1216 --- /dev/null +++ b/.github/workflows/build-push-writer.yaml @@ -0,0 +1,57 @@ +name: writer-build-and-push-dev + +on: + push: + branches: [new-namespace] + paths: + - python/*.py + - python/common/** + - python/writer/** + - .github/workflows/build-push-writer.yaml + - trigger.txt + workflow_dispatch: + +env: + IMAGE_NAME: writer + WORKING_DIRECTORY: ./python + REPO_KEY: af03 + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Build Image + working-directory: ${{env.WORKING_DIRECTORY}} + run: | + docker build -t artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev -f writer/Dockerfile . + + - name: Docker Push to Artifactory + run: | + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + scan-type: image + image-ref: artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + format: 'table' + ignore-unfixed: true + limit-severities-for-sarif: true + severity: HIGH,CRITICAL \ No newline at end of file diff --git a/.github/workflows/cd-workflow.yml b/.github/workflows/cd-workflow.yml deleted file mode 100644 index b81935573..000000000 --- a/.github/workflows/cd-workflow.yml +++ /dev/null @@ -1,78 +0,0 @@ -name: cd-workflow - -on: - workflow_call: - inputs: - DOCKER_CONTEXT: - required: true - type: string - DOCKER_FILE: - required: true - type: string - DOCKER_IMAGE_NAME: - required: true - type: string - DOCKER_IMAGE_TAG: - required: false - type: string - default: latest - secrets: - DOCKER_REGISTRY_BE78D6: - required: true - DOCKER_USERNAME_BE78D6: - required: true - DOCKER_PASSWORD_BE78D6: - required: true - -jobs: - build: - runs-on: ubuntu-latest - # if: ${{ !( - # github.event.pull_request.head.ref =~ '^hotfixrelease/' || - # github.event.pull_request.head.ref =~ '^hotfix/' || - # github.event.pull_request.head.ref =~ '^dependabot/'|| - # github.event.pull_request.head.ref =~ '^feature/' - # )}} - # if: ${{ github.event.pull_request.head.ref =~ '^release/' }} - if: startsWith(github.event.pull_request.head.ref, 'release/') - steps: - - name: Checkout - uses: actions/checkout@v3 - -# - name: Setup -# uses: docker/setup-buildx-action@v2 -# with: -# install: true - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Tag - id: tag - uses: mathieudutour/github-tag-action@v6.1 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - tag_prefix: ${{ inputs.DOCKER_IMAGE_NAME }}=v - fetch_all_tags: true - - - name: Build & Push the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -f ${{ inputs.DOCKER_FILE }} ./${{ inputs.DOCKER_CONTEXT }} -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ inputs.DOCKER_IMAGE_NAME }}:latest - docker push ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ inputs.DOCKER_IMAGE_NAME }}:latest - - - name: Authenticate and set context for tools namespace - uses: redhat-actions/oc-login@v1.1.2 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_URL_SILVER }} - openshift_token: ${{ secrets.OPENSHIFT_SA_PIPELINE_TOKEN_SILVER }} - namespace: "${{ secrets.OPENSHIFT_LICENSE_PLATE_SILVER }}-tools" - - - name: Import new image in Openshift from Artifactory - run: | - oc import-image ${{ inputs.DOCKER_IMAGE_NAME }}:latest --confirm - diff --git a/.github/workflows/ci-workflow.yml b/.github/workflows/ci-workflow.yml deleted file mode 100644 index 04672d18d..000000000 --- a/.github/workflows/ci-workflow.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: ci-workflow - -on: - workflow_call: - inputs: - DOCKER_CONTEXT: - required: true - type: string - DOCKER_FILE: - required: true - type: string - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup - uses: docker/setup-buildx-action@v2 - with: - install: true - - - name: Build - uses: docker/build-push-action@v3 - with: - context: ${{ inputs.DOCKER_CONTEXT }} - file: ${{ inputs.DOCKER_FILE }} - push: false diff --git a/.github/workflows/form_handler-cd.yml b/.github/workflows/form_handler-cd.yml deleted file mode 100644 index 93253d364..000000000 --- a/.github/workflows/form_handler-cd.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: form_handler-cd - -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/form_handler/** - - .github/workflows/form_handler-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/form_handler/Dockerfile - DOCKER_IMAGE_NAME: dh-form_handler - secrets: inherit diff --git a/.github/workflows/form_handler-ci.yml b/.github/workflows/form_handler-ci.yml deleted file mode 100644 index ce8ff36f6..000000000 --- a/.github/workflows/form_handler-ci.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: form_handler-ci - -# on: -# push: -# branches_ignore: -# - master -# paths: -# - python/*.py -# - python/common/** -# - python/form_handler/** -# - .github/workflows/form_handler-ci.yml -# - trigger.txt - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/form_handler/** - - .github/workflows/form_handler-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/form_handler/Dockerfile diff --git a/.github/workflows/geocodersvc-cd.yml b/.github/workflows/geocodersvc-cd.yml deleted file mode 100644 index 70cc1c529..000000000 --- a/.github/workflows/geocodersvc-cd.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: geocodersvc-cd - -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/geocodersvc/** - - .github/workflows/geocodersvc-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/geocodersvc/Dockerfile - DOCKER_IMAGE_NAME: dh-geocodersvc - secrets: inherit diff --git a/.github/workflows/geocodersvc-ci.yml b/.github/workflows/geocodersvc-ci.yml deleted file mode 100644 index d0cdc3568..000000000 --- a/.github/workflows/geocodersvc-ci.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: geocodersvc-ci - -on: - # push: - # branches_ignore: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/geocodersvc/** - - .github/workflows/geocodersvc-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/geocodersvc/Dockerfile diff --git a/.github/workflows/ingestor-cd.yml b/.github/workflows/ingestor-cd.yml deleted file mode 100644 index 36cd62dda..000000000 --- a/.github/workflows/ingestor-cd.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: ingestor-cd - -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/ingestor/** - - .github/workflows/ingestor-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/ingestor/Dockerfile - DOCKER_IMAGE_NAME: dh-ingestor - secrets: inherit diff --git a/.github/workflows/ingestor-ci.yml b/.github/workflows/ingestor-ci.yml deleted file mode 100644 index 23f257b8e..000000000 --- a/.github/workflows/ingestor-ci.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: ingestor-ci - -on: - # push: - # branches_ignore: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/ingestor/** - - .github/workflows/ingestor-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/ingestor/Dockerfile diff --git a/.github/workflows/paybc-cd.yml b/.github/workflows/paybc-cd.yml deleted file mode 100644 index 77f5a83c0..000000000 --- a/.github/workflows/paybc-cd.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: paybc-cd - -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/paybc_api/** - - .github/workflows/paybc-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/paybc_api/Dockerfile - DOCKER_IMAGE_NAME: dh-paybc - secrets: inherit diff --git a/.github/workflows/paybc-ci.yml b/.github/workflows/paybc-ci.yml deleted file mode 100644 index 744db4a56..000000000 --- a/.github/workflows/paybc-ci.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: paybc-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/paybc_api/** - - .github/workflows/paybc-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/paybc_api/Dockerfile diff --git a/.github/workflows/push-to-prod.yaml b/.github/workflows/push-to-prod.yaml new file mode 100644 index 000000000..d4ed08ca3 --- /dev/null +++ b/.github/workflows/push-to-prod.yaml @@ -0,0 +1,123 @@ +name: Push to Test + +on: + workflow_dispatch: + inputs: + application: + required: true + description: What application do you want to push to test? + type: choice + options: + - clamav-client + - form-handler + - ingestor + - mail-net + - paybc + - validator + - web-form + +env: + IMAGE_NAME: ${{ github.event.inputs.application }} + REPO_KEY: af03 + BRANCH_NAME: test + VALUES_FILE: test + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Set Conditions + run: | + if [[ "${{ env.IMAGE_NAME }}" == "clamav-client" ]]; then + echo "IMAGE_PREFIX=cc" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "form-handler" ]]; then + echo "IMAGE_PREFIX=fh" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "ingestor" ]]; then + echo "IMAGE_PREFIX=i" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "mail-net" ]]; then + echo "IMAGE_PREFIX=mn" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "paybc" ]]; then + echo "IMAGE_PREFIX=pbc" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "validator" ]]; then + echo "IMAGE_PREFIX=v" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "web-form" ]]; then + echo "IMAGE_PREFIX=wf" >> $GITHUB_ENV + else + echo "Unknown application: ${{ env.IMAGE_NAME }}" + fi + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Backup Prod Image + run: | + docker pull artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod + docker tag artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod-backup + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod-backup + + - name: Docker Pull to Artifactory + run: | + docker pull artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:test + + - name: Docker Tag and Push to Artifactory + run: | + docker tag artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:test artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:prod + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Test Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag ${{ env.IMAGE_PREFIX }}version: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/${{ env.IMAGE_PREFIX }}version: .*/${{ env.IMAGE_PREFIX }}version: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/push-to-test.yaml b/.github/workflows/push-to-test.yaml new file mode 100644 index 000000000..9a8372dee --- /dev/null +++ b/.github/workflows/push-to-test.yaml @@ -0,0 +1,117 @@ +name: Push to Test + +on: + workflow_dispatch: + inputs: + application: + required: true + description: What application do you want to push to test? + type: choice + options: + - clamav-client + - form-handler + - ingestor + - mail-net + - paybc + - validator + - web-form + +env: + IMAGE_NAME: ${{ github.event.inputs.application }} + REPO_KEY: af03 + BRANCH_NAME: test + VALUES_FILE: test + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Set Conditions + run: | + if [[ "${{ env.IMAGE_NAME }}" == "clamav-client" ]]; then + echo "IMAGE_PREFIX=cc" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "form-handler" ]]; then + echo "IMAGE_PREFIX=fh" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "ingestor" ]]; then + echo "IMAGE_PREFIX=i" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "mail-net" ]]; then + echo "IMAGE_PREFIX=mn" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "paybc" ]]; then + echo "IMAGE_PREFIX=pbc" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "validator" ]]; then + echo "IMAGE_PREFIX=v" >> $GITHUB_ENV + elif [[ "${{ env.IMAGE_NAME }}" == "web-form" ]]; then + echo "IMAGE_PREFIX=wf" >> $GITHUB_ENV + else + echo "Unknown application: ${{ env.IMAGE_NAME }}" + fi + + - name: Login to Artifactory + uses: docker/login-action@v1 + with: + registry: artifacts.developer.gov.bc.ca + username: ${{ secrets.ARTIFACTORY_USERNAME }} + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + + # Get SHORT_SHA for the version + - name: Get short SHA + id: short_sha + run: | + echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)" + echo "Short SHA: $SHORT_SHA" + + - name: Docker Pull to Artifactory + run: | + docker pull artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev + + - name: Docker Tag and Push to Artifactory + run: | + docker tag artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:dev artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:test + docker push artifacts.developer.gov.bc.ca/${{env.REPO_KEY}}-${{env.IMAGE_NAME}}/${{env.IMAGE_NAME}}:test + + - name: Set GitOps SSH Key + uses: webfactory/ssh-agent@v0.5.4 + with: + ssh-private-key: ${{ secrets.RSBC_SSH_KEY }} + + - name: Update Helm Test Values and Commit + id: helm + run: | + + echo "Updating ${{ env.BRANCH_NAME }} helm values to trigger ArgoCD deployment " + + # Commit and push the changes + git config --global user.email "actions@github.com" + git config --global user.name "RSBC-APR GitHub Actions" + git clone -b ${{ env.BRANCH_NAME }} --single-branch git@github.com:bcgov-c/tenant-gitops-f0392a.git + + # Navigate to the directory containing your Helm values file for the environment develop -> DEV, test -> test + + cd tenant-gitops-f0392a/charts + + # Update the Helm values file with the new image tag and version + DATETIME=$(date +'%Y-%m-%d %H:%M:%S') # Get current date and time + echo "Updating tag ${{ env.IMAGE_PREFIX }}version: to ${{ steps.short_sha.outputs.SHORT_SHA }}" + + sed -i "s/${{ env.IMAGE_PREFIX }}version: .*/${{ env.IMAGE_PREFIX }}version: v-${{ steps.short_sha.outputs.SHORT_SHA }} # Image Updated on $DATETIME/" ../deploy/${{ env.VALUES_FILE }}_values.yaml + + git add . + + git add ../deploy/${{ env.VALUES_FILE }}_values.yaml + + # Repackage Helm Chart + + cd gitops + + helm dependency build + + git add . + + git commit -m "Update ${{ env.BRANCH_NAME }} image tag" + + # pull any changes + git pull origin ${{ env.BRANCH_NAME }} + git push origin ${{ env.BRANCH_NAME }} # Update the branch name as needed \ No newline at end of file diff --git a/.github/workflows/rsbh-dh-clamav-cd.yml b/.github/workflows/rsbh-dh-clamav-cd.yml deleted file mode 100644 index 4b7eb77f8..000000000 --- a/.github/workflows/rsbh-dh-clamav-cd.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: rsbc-dh-claimav-cd - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - "Java/README.md" - - "Java/clamav_client/**" - - ".github/workflows/rsbh-dh-clamav-*.yml" - -env: - DOCKER_FILE: Java/clamav_client/Dockerfile - DOCKER_IMAGE_NAME: dh-clamav-client - WORKING_DIRECTORY: Java/clamav_client - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build & Push the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . - docker push ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest - - - name: Authenticate and set context for tools namespace - uses: redhat-actions/oc-login@v1.1.2 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_URL_SILVER }} - openshift_token: ${{ secrets.OPENSHIFT_SA_PIPELINE_TOKEN_SILVER }} - namespace: "${{ secrets.OPENSHIFT_LICENSE_PLATE_SILVER }}-tools" - - - name: Import new image in Openshift from Artifactory - env: - IMAGE_NAME: ${{ env.DOCKER_IMAGE_NAME }} - run: | - oc import-image $IMAGE_NAME:latest --confirm - diff --git a/.github/workflows/rsbh-dh-clamav-ci.yml b/.github/workflows/rsbh-dh-clamav-ci.yml deleted file mode 100644 index e70b4ee66..000000000 --- a/.github/workflows/rsbh-dh-clamav-ci.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: rsbc-dh-claimav-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - "Java/README.md" - - "Java/clamav_client/**" - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . \ No newline at end of file diff --git a/.github/workflows/rsbh-dh-mail-net-cd.yml b/.github/workflows/rsbh-dh-mail-net-cd.yml deleted file mode 100644 index 1ad2cce38..000000000 --- a/.github/workflows/rsbh-dh-mail-net-cd.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: rsbc-dh-mail-net-cd - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - "Java/README.md" - - "Java/mail-it/**" - - ".github/workflows/rsbh-dh-mail-net*.yml" -env: - DOCKER_FILE: Java/mail-it/src/Dockerfile - DOCKER_IMAGE_NAME: dh-mail-net - WORKING_DIRECTORY: Java/mail-it/src - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build & Push the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . - docker push ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest - - - name: Authenticate and set context for tools namespace - uses: redhat-actions/oc-login@v1.1.2 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_URL_SILVER }} - openshift_token: ${{ secrets.OPENSHIFT_SA_PIPELINE_TOKEN_SILVER }} - namespace: "${{ secrets.OPENSHIFT_LICENSE_PLATE_SILVER }}-tools" - - - name: Import new image in Openshift from Artifactory - env: - IMAGE_NAME: ${{ env.DOCKER_IMAGE_NAME }} - run: | - oc import-image $IMAGE_NAME:latest --confirm - diff --git a/.github/workflows/rsbh-dh-mail-net-ci.yml b/.github/workflows/rsbh-dh-mail-net-ci.yml deleted file mode 100644 index 16cab4c25..000000000 --- a/.github/workflows/rsbh-dh-mail-net-ci.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: rsbc-dh-mail-net-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - "Java/README.md" - - "Java/mail-it/**" - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . \ No newline at end of file diff --git a/.github/workflows/rsbh-dh-web-form-cd.yml b/.github/workflows/rsbh-dh-web-form-cd.yml deleted file mode 100644 index 3a55fec38..000000000 --- a/.github/workflows/rsbh-dh-web-form-cd.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: rsbc-dh-web-form-cd - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - "Java/README.md" - - "web_app/**" - - ".github/workflows/rsbh-dh-web-form*.yml" - -env: - DOCKER_FILE: web_app/Dockerfile - DOCKER_IMAGE_NAME: dh-web-form - WORKING_DIRECTORY: web_app - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build & Push the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . - docker push ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest - - - name: Authenticate and set context for tools namespace - uses: redhat-actions/oc-login@v1.1.2 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_URL_SILVER }} - openshift_token: ${{ secrets.OPENSHIFT_SA_PIPELINE_TOKEN_SILVER }} - namespace: "${{ secrets.OPENSHIFT_LICENSE_PLATE_SILVER }}-tools" - - - name: Import new image in Openshift from Artifactory - env: - IMAGE_NAME: ${{ env.DOCKER_IMAGE_NAME }} - run: | - oc import-image $IMAGE_NAME:latest --confirm - diff --git a/.github/workflows/rsbh-dh-web-form-ci.yml b/.github/workflows/rsbh-dh-web-form-ci.yml deleted file mode 100644 index c87432979..000000000 --- a/.github/workflows/rsbh-dh-web-form-ci.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: rsbc-dh-web-form-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - "Java/README.md" - - "web_app/**" - - ".github/workflows/rsbh-dh-web-form*.yml" - -env: - DOCKER_FILE: web_app/Dockerfile - DOCKER_IMAGE_NAME: dh-web-form - WORKING_DIRECTORY: web_app - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Login - uses: docker/login-action@v2 - with: - registry: ${{ secrets.DOCKER_REGISTRY_BE78D6 }} - username: ${{ secrets.DOCKER_USERNAME_BE78D6 }} - password: ${{ secrets.DOCKER_PASSWORD_BE78D6 }} - - - name: Build & Push the image - working-directory: ${{env.WORKING_DIRECTORY}} - run: | - docker build -t ${{ secrets.DOCKER_REGISTRY_BE78D6 }}/${{ env.DOCKER_IMAGE_NAME }}:latest . \ No newline at end of file diff --git a/.github/workflows/validator-cd.yml b/.github/workflows/validator-cd.yml deleted file mode 100644 index be32a7515..000000000 --- a/.github/workflows/validator-cd.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: validator-cd -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/validator/** - - .github/workflows/validator-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/validator/Dockerfile - DOCKER_IMAGE_NAME: dh-validator - secrets: inherit diff --git a/.github/workflows/validator-ci.yml b/.github/workflows/validator-ci.yml deleted file mode 100644 index 3239311f9..000000000 --- a/.github/workflows/validator-ci.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: validator-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/validator/** - - .github/workflows/validator-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/validator/Dockerfile diff --git a/.github/workflows/writer-cd.yml b/.github/workflows/writer-cd.yml deleted file mode 100644 index 16767e107..000000000 --- a/.github/workflows/writer-cd.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: writer-cd - -on: - # push: - # branches: - # - master - pull_request: - types: [opened, reopened, edited, synchronize] - branches: - - master - paths: - - python/*.py - - python/common/** - - python/writer/** - - .github/workflows/writer-cd.yml - - trigger.txt - -jobs: - CD: - uses: ./.github/workflows/cd-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/writer/Dockerfile - DOCKER_IMAGE_NAME: dh-writer - secrets: inherit diff --git a/.github/workflows/writer-ci.yml b/.github/workflows/writer-ci.yml deleted file mode 100644 index b21c0ee03..000000000 --- a/.github/workflows/writer-ci.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: writer-ci - -on: - pull_request: - types: [opened, reopened, edited, synchronize] - branches-ignore: - - master - paths: - - python/*.py - - python/common/** - - python/writer/** - - .github/workflows/writer-ci.yml - - trigger.txt - -jobs: - CI: - uses: ./.github/workflows/ci-workflow.yml - with: - DOCKER_CONTEXT: python - DOCKER_FILE: python/writer/Dockerfile