Merge pull request #10 from bcgov-nr/feat/composerUpdates

feat: latest composer updates

Author: andrwils

.github/workflows/build-release.yaml

@@ -20,14 +20,16 @@ env:
   SERVICE_NAME: nodejs-sample
 
 jobs:
-  check_token_expiration:
+  check-token-expiration:
+    name: Check token expiration
     uses: ./.github/workflows/check-token.yaml
+    permissions: {}
     secrets:
       token: ${{ secrets.broker_jwt_BFB8F8BC_D617_484A_9A4E_E9B98AB4E5BC }}
   build-release:
     name: Build and release
     runs-on: ubuntu-latest
-    needs: check_token_expiration
+    needs: check-token-expiration
     permissions:
       contents: read
       packages: write

.github/workflows/check-token.yaml

@@ -14,6 +14,7 @@ on:
 
 jobs:
   check-jwt:
+    name: Check broker token
     runs-on: ubuntu-latest
 
     steps:

.github/workflows/deploy.yaml

@@ -20,15 +20,20 @@ env:
   PACKAGE_REPO: ghcr.io/${{ github.repository }}/package
 
 jobs:
-  check_token_expiration:
+  check-token-expiration:
+    name: Check token expiration
     uses: ./.github/workflows/check-token.yaml
+    permissions: {}
     secrets:
       token: ${{ secrets.broker_jwt_BFB8F8BC_D617_484A_9A4E_E9B98AB4E5BC }}
-  deploy-build:
-    name: Deploy development version
+  deploy-pre-release-build:
+    name: Trigger dev/test deployment
     if: ${{ ! startsWith(github.ref, 'refs/tags/') }}
     runs-on: ubuntu-latest
-    needs: check_token_expiration
+    needs: check-token-expiration
+    permissions:
+      contents: read
+      packages: read
     outputs:
       project_version: ${{ steps.set-build-output.outputs.project_version }}
       build_guid: ${{ steps.set-build-output.outputs.build_guid }}
@@ -80,11 +85,14 @@ jobs:
         env:
           PACKAGE_TAG: ${{ github.ref_name }}
           PACKAGE_REPO: ${{ env.PACKAGE_REPO }}
-  deploy-tag:
-    name: Deploy release version
+  deploy-release-build:
+    name: Trigger prod deployment
     if: ${{ startsWith(github.ref, 'refs/tags/') }}
     runs-on: ubuntu-latest
-    needs: check_token_expiration
+    needs: check-token-expiration
+    permissions:
+      contents: read
+      packages: read
     outputs:
       project_version: ${{ steps.set-tag-output.outputs.project_version }}
       build_guid: ${{ steps.set-tag-output.outputs.build_guid }}
@@ -137,16 +145,21 @@ jobs:
         env:
           PACKAGE_TAG: ${{ steps.set-tag-output.outputs.project_tag }}
           PACKAGE_REPO: ${{ env.PACKAGE_REPO }}
-  submit-job:
-    name: Submit job
+  submit-deployment-job:
+    name: Submit deployment job
     if: |
       always() &&
-      ((needs.deploy-build.result == 'success' && needs.deploy-tag.result == 'skipped') ||
-      (needs.deploy-build.result == 'skipped' && needs.deploy-tag.result == 'success'))
-    needs: [deploy-build, deploy-tag]
+      ((needs.deploy-pre-release-build.result == 'success' && needs.deploy-release-build.result == 'skipped') ||
+      (needs.deploy-pre-release-build.result == 'skipped' && needs.deploy-release-build.result == 'success'))
+    needs: [deploy-pre-release-build, deploy-release-build]
+    permissions:
+      actions: read
+      packages: read
+      contents: read
     runs-on: ubuntu-latest
     steps:
-      - name: Submit a job to Jenkins
+      # See: https://github.com/bcgov-nr/polaris-pipelines
+      - name: Submit deployment job
         run: |
           curl \
           --data-urlencode "token=${{ secrets.JENKINS_TOKEN }}" \
@@ -163,13 +176,15 @@ jobs:
           -H "Connection: close" \
           ${{ env.URL }}/${{ env.JOB }}
         env:
-          PROJECT_VERSION: ${{ needs.deploy-build.outputs.project_version || needs.deploy-tag.outputs.project_version }}
-          BUILD_GUID: ${{ needs.deploy-build.outputs.build_guid || needs.deploy-tag.outputs.build_guid }}
-          BUILD_NUMBER: ${{ needs.deploy-build.outputs.build_number || needs.deploy-tag.outputs.build_number }}
-          ARTIFACT_SHA256: ${{ needs.deploy-build.outputs.artifact_sha256 || needs.deploy-tag.outputs.artifact_sha256 }}
-          DOWNLOAD_URL: ${{ needs.deploy-build.outputs.download_url || needs.deploy-tag.outputs.download_url }}
-      # The automatically generated GitHub token will expire when the workflow ends. We need to wait so the job has time to clone the repo
-      # and download the package
-      - name: Sleep
+          PROJECT_VERSION: ${{ needs.deploy-pre-release-build.outputs.project_version || needs.deploy-release-build.outputs.project_version }}
+          BUILD_GUID: ${{ needs.deploy-pre-release-build.outputs.build_guid || needs.deploy-release-build.outputs.build_guid }}
+          BUILD_NUMBER: ${{ needs.deploy-pre-release-build.outputs.build_number || needs.deploy-release-build.outputs.build_number }}
+          ARTIFACT_SHA256: ${{ needs.deploy-pre-release-build.outputs.artifact_sha256 || needs.deploy-release-build.outputs.artifact_sha256 }}
+          DOWNLOAD_URL: ${{ needs.deploy-pre-release-build.outputs.download_url || needs.deploy-release-build.outputs.download_url }}
+      - name: Display deployment job URL
+        run: |
+          DEPLOYMENT_JOB_URL="${{ env.URL }}/job/${{ env.SERVICE_PROJECT }}/job/${{ env.SERVICE_NAME }}/"
+          echo "Deployment job URL: ${DEPLOYMENT_JOB_URL}"
+      - name: Keep GH token alive
         run: sleep 90s
         shell: bash

playbooks/playbook.yaml

@@ -1,5 +1,5 @@
 ---
-- name: hello/vvsddsv
+- name: nodejs-sample/nodejs-sample
   hosts: "{{ tomcat_server_hosts }}"
   collections:
     - polaris.deploy
@@ -11,17 +11,45 @@
 
   roles:
     # prepare the installation environment by creating the necessary folders
-    - name: create_project_directories
+    # See: https://github.com/bcgov/nr-polaris-collection/tree/main/polaris/deploy/roles/create_project_directories
+    - role: create_project_directories
 
     # Establish the port number
-    - name: port_manager
+    # See: https://github.com/bcgov/nr-polaris-collection/tree/main/polaris/deploy/roles/port_manager
+    - role: port_manager
 
-    # install & configure the Tomcat container
-    - name: nodejs
-      vars:
-        nodejs_version_number: "latest-v22.x"
-        proxy_env: "{{ env_vars }}"
+    # Install nodejs
+    # See: https://github.com/bcgov/nr-polaris-collection/tree/main/polaris/deploy/roles/nodejs
+    - role: nodejs
 
-    - name: nodejs_app
-      vars:
-        proxy_env: "{{ env_vars }}"
+    # Install nodejs application
+    # See: https://github.com/bcgov/nr-polaris-collection/tree/main/polaris/deploy/roles/nodejs_app
+    - role: nodejs_app
+
+  tasks:
+    - ansible.builtin.stat:
+        path: custom-tasks.yaml
+      register: playbookcustomtask
+      delegate_to: localhost
+    - ansible.builtin.debug:
+        msg: >
+          Warning! Review custom-tasks.yaml carefully. Please thoroughly check for potential issues
+          such as incorrect paths, overwritten files, or unintentional destructive commands. Failing
+          to validate the script may result in deployment failures, data loss, or service downtime.
+      when: playbookcustomtask.stat.exists
+    - ansible.builtin.include_tasks: custom-tasks.yaml
+      when: playbookcustomtask.stat.exists
+    # The following is an example of a custom-tasks.yaml for adding custom webapp configuration files
+    # ---
+    # - name: configure nonstandard files
+    #   template:
+    #     src: "{{ playbook_dir }}/templates/{{ item.src }}"
+    #     dest: "{{ item.dest }}"
+    #     mode: "0775"
+    #   become: yes
+    #   become_user: "{{ install_user }}"
+    #   with_items:
+    #   - {
+    #       src: "configuration.ts.j2",
+    #       dest: "{{ nodejs_app_service_install_app_home }}/dist/src/config/configuration.js"
+    #     }

playbooks/vars/standard/all.yaml

@@ -1,21 +1,21 @@
-# The following properties are required by all services
+# This file was generated by the nr-repository-composer pd-nodejs-playbook generator.
+# This file is used for standard variables related to all environments.
 # Ansible connection properties
 ssh_user: "{{ lookup('ansible.builtin.env', 'PODMAN_CD_USER') }}"
 ssh_pass: "{{ lookup('ansible.builtin.env', 'PODMAN_CD_PASS') }}"
 ansible_user: "{{ lookup('ansible.builtin.env', 'PODMAN_CD_USER') }}"
 ansible_become_password: "{{ lookup('ansible.builtin.env', 'PODMAN_CD_PASS') }}"
 ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
 
-polaris_apps_project_version: "{{ lookup('ansible.builtin.env', 'PODMAN_PROJECT_VERSION') }}"
-polaris_apps_build_number: "{{ lookup('ansible.builtin.env', 'PODMAN_BUILD_NUMBER') }}"
-
 # General properties
 polaris_apps_project_name: "NODEJS-SAMPLE"
 polaris_apps_service_name: "nodejs-sample"
+
+polaris_apps_project_version: "{{ lookup('ansible.builtin.env', 'PODMAN_PROJECT_VERSION') }}"
+polaris_apps_build_number: "{{ lookup('ansible.builtin.env', 'PODMAN_BUILD_NUMBER') }}"
 polaris_apps_service_install_name: "{{ polaris_apps_project_version }}-{{ polaris_apps_build_number }}"
 
 # The following properties are custom to each particular service
-context:
 
 # By default, the Tomcat port is set dynamically by using the port_manager role
 # If you need to set a static port, replace the dynamic port assignment value with your static value

playbooks/vars/standard/dev.yaml

@@ -1,5 +1,2 @@
-# Use this file for properties specific to the development (integration, delivery) environment
-webade_jdbc_url: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_jdbc_url') }}"
-webade_db_user: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_username') }}"
-webade_db_pass: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_password') }}"
-webade_env: DEV
+# This file was generated by the nr-repository-composer pd-nodejs-playbook generator.
+# This file is used for standard variables related to the development (integration, delivery) environment.

playbooks/vars/standard/prod.yaml

@@ -1,5 +1,2 @@
-# Use this file for properties specific to the production environment
-webade_jdbc_url: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_jdbc_url') }}"
-webade_db_user: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_username') }}"
-webade_db_pass: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_password') }}"
-webade_env: PROD
+# This file was generated by the nr-repository-composer pd-nodejs-playbook generator.
+# This file is used for standard variables related to the production environment.

playbooks/vars/standard/test.yaml

@@ -1,5 +1,2 @@
-# Use this file for properties specific to the test environment
-webade_jdbc_url: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_jdbc_url') }}"
-webade_db_user: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_username') }}"
-webade_db_pass: "{{ lookup('ansible.builtin.env', 'PODMAN_webade_password') }}"
-webade_env: TEST
+# This file was generated by the nr-repository-composer pd-nodejs-playbook generator.
+# This file is used for standard variables related to the test environment.