Refactor OpenShift login step to use environment variables for server… #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Kiln API via Helm | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| workflow_dispatch: | |
| env: | |
| APP_NAME: kiln-api | |
| CHART_PATH: helm/kiln-api | |
| LICENSE_PLATE: ed84ea | |
| IMAGE_REPO: ghcr.io/bcgov/kiln-api | |
| IMAGE_TAG: latest # Could be overridden by workflow_dispatch input | |
| DEV_NAMESPACE: dev | |
| TEST_NAMESPACE: test | |
| PROD_NAMESPACE: tools # To be changed to prod when ready | |
| TOOLS_NAMESPACE: tools | |
| OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }} | |
| OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set target namespace | |
| id: setns | |
| run: | | |
| if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then | |
| echo "namespace=${{ env.PROD_NAMESPACE }}" >> $GITHUB_OUTPUT | |
| elif [[ "${GITHUB_REF}" == "refs/heads/test" ]]; then | |
| echo "namespace=${{ env.TEST_NAMESPACE }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "namespace=${{ env.DEV_NAMESPACE }}" >> $GITHUB_OUTPUT | |
| fi | |
| # Optionally: You could fetch the image tag from previous workflow run or artifact. For now, defaulting to 'latest'. | |
| # If you want to use the short SHA tag, you could set IMAGE_TAG: ${{ github.sha }} | |
| - name: Set up kubectl | |
| uses: azure/setup-kubectl@v3 | |
| with: | |
| version: 'latest' | |
| - name: Install Helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: 'latest' | |
| - name: Install oc | |
| uses: redhat-actions/oc-installer@v1 | |
| with: | |
| oc_version: '4.6' | |
| # Set environment variable for namespace which can be retrieved | |
| # from commands `oc whoami --show-server` and `oc whoami -t` | |
| - name: Log in to OpenShift | |
| uses: redhat-actions/oc-login@v1 | |
| with: | |
| openshift_server_url: ${{ env.OPENSHIFT_SERVER }} | |
| openshift_token: ${{ env.OPENSHIFT_TOKEN }} | |
| insecure_skip_tls_verify: true | |
| namespace: ${{ env.LICENSE_PLATE }}-${{ env.PROD_NAMESPACE }} | |
| if: ${{ env.OPENSHIFT_SERVER != '' && env.OPENSHIFT_TOKEN != '' }} | |
| - name: Deploy with Helm | |
| run: | | |
| helm upgrade --install kiln-api helm \ | |
| --namespace ${{ steps.setns.outputs.namespace }} \ | |
| -f helm/values.yaml | |