Giter Club home page Giter Club logo

openshift-launchpad-deployment's Introduction

OpenShift Launchpad CI/CD Pipeline

[img]

This repo is a GItHub Action that enables a GitHub repository to trigger a deployment to OpenShift. This is intended to be used to spin up a new environment when a new pull request is created or when code is pushed to or merged into a branch.

This action was built specifically with GitHub Flow and Continuous Deployment in mind.

Prerequisistes

Applications using the pipeline must be Dockerized. This action expects to find a Dockerfile in the root directory of consumer projects. The Docker image must expose a port via EXPOSE {{MY_PORT_NUMBER}} e.g. EXPOSE 3000.

Note that this pipeline is currently targeted at simple REST API applications and web client applications. Please review the server and client build config templates and deployment config templates and ensure they are appropriate for your application.

Getting Started

Dockerized applications that wish to use this action must create a GitHub actions workflow of their own. See GitHub's documentation. As an example, save the following to your repository as /.github/workflows/action.yml.

name: Pull Request Deployment
on: pull_request
jobs:
  deploy:
    name: OpenShift Deployment
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Use Pipeline Action
        uses: bcgov/[email protected]
        with:
          MODE: server
          AUTH_TOKEN: ${{ secrets.AUTH_TOKEN }}
          NAMESPACE: myproject-dev
          APP_NAME: myapp-pr${{ github.event.number }}

Note that more jobs may be added and the above demonstrates only the OpenShift deployment job. Additionaly jobs may be running tests, static analysis, etc.

Inputs

Imputs to this action are supplied via the with property in a consumers action.yml file. Some inputs are required regardless of the MODE supplied while other are required specifically for the client or server config templates.

Please note that the port exposed by the consuming repo's Dockerfile must match the port supplied as the SERVER_PORT or CLIENT_PORT input, depending on the MODE used.

Name Required Description
MODE All Either "server" or "client" depending on the desired config template
AUTH_TOKEN All Authorization token used to login to OpenShift cluster, see Authorization section of this document
NAMESPACE All Namespace in which to build and deploy the application
APP_NAME All Name of the application e.g. my-app-name-pr4
BRANCH None Branch of the application repo that is to be deployed, defaults to master
SERVER_PORT None Port exposed by the server, must match port exposed by Dockerfile, defaults to 5000
CLIENT_PORT None Port exposed by the client, must match port exposed by Dockerfile, defaults to 3000
API_URL Client The URL that is exposed by the route in the server application, available as env var in client

Environment Variables

Currently, setting arbitrary environment variables is not supported. These will need to be set in your Dockerfile using ENV [NAME] [VALUE]. See relevant Docker documentation.

What Does This Action Do?

This GitHub Action uses the OpenShift CLI to deploy an application. All commands used can be seen in the Makefile. At a high level, the action runs either the create-server or create-client make commands, depending on the MODE input supplied.

In detail, this repository presents itself as a GitHub Action via metadata in the action.yml file. This action creates a Docker container that includes the OpenShift CLI. It immediately runs entrypoint.sh which logs into your OpenShift cluster using the provided token.

Next, any previous builds of the same name are cleared from the cluster. The Makefile processes config templates stored in the openshift directory, filling in any parameters. The server.(bc|dc).json or client.(bc|dc).json template is chosen for MODE "server" and "client", respectively. The processed template is then pushed to OpenShift using oc apply.

Currently, the action does not define or run unit tests. Until a spec is developed that allows generalization of running tests, they must be added by the consumer repository in the action.yml file.

Authorization

This action accesses your OpenShift cluster on your behalf. To enable this access, it is recommended that a service account is created. The following outlines how an OpenShift authorization token can be aquired.

  1. Login to the OpenShift console
  2. From the navbar dropedown menu, select Cluster Console
  3. Select Administration > Service Accounts > Create Service Account
  4. Edit the YAML to allow access to the desired namespace
  5. Within the newly created service account, select the secret that contains "token" in the name
  6. Click Copy to Clipboard on the "TOKEN" data value

The service account created will also need to have a role bound to it.

  1. From the OpenShift Cluster Console, select Administration > Role Bindings > Create Binding
  2. Give the role binding a name such as "GitHub Admin"
  3. Select the namespace that the service account was created in
  4. Select "admin" as the Role Name
  5. Select "Service Account" as the Subject
  6. Select the namespace of the service account and add its name as the Subject Name
  7. Click Create Binding

This token can be saved as a GitHub secret in your repo. Navigate to Settings > Secrets and name the secret appropriately. Note that an OpenShift service account can have access to only one namespace. Depending on your workflow and CI/CD pipeline, you may need several service accounts and therefore secrets.

openshift-launchpad-deployment's People

Contributors

ashtonmeuser avatar fwkendall avatar hitankar-freshworks avatar repo-mountie[bot] avatar sybrand avatar

Stargazers

avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

mtcarto sybrand will-freshworks

openshift-launchpad-deployment's Issues

Add project lifecycle badge

No Project Lifecycle Badge found in your readme!

Hello! I scanned your readme and could not find a project lifecycle badge. A project lifecycle badge will provide contributors to your project as well as other stakeholders (platform services, executive) insight into the lifecycle of your repository.

What is a Project Lifecycle Badge?

It is a simple image that neatly describes your project's stage in its lifecycle. More information can be found in the project lifecycle badges documentation.

What do I need to do?

I suggest you make a PR into your README.md and add a project lifecycle badge near the top where it is easy for your users to pick it up :). Once it is merged feel free to close this issue. I will not open up a new one :)

It's Been a While Since This Repository has Been Updated

This issue is a kind reminder that your repository has been inactive for 181 days. Some repositories are maintained in accordance with business requirements that infrequently change thus appearing inactive, and some repositories are inactive because they are unmaintained.

To help differentiate products that are unmaintained from products that do not require frequent maintenance, repomountie will open an issue whenever a repository has not been updated in 180 days.

  • If this product is being actively maintained, please close this issue.
  • If this repository isn't being actively maintained anymore, please archive this repository. Also, for bonus points, please add a dormant or retired life cycle badge.

Thank you for your help ensuring effective governance of our open-source ecosystem!

Add missing topics

TL;DR

Topics greatly improve the discoverability of repos; please add the short code from the table below to the topics of your repo so that ministries can use GitHub's search to find out what repos belong to them and other visitors can find useful content (and reuse it!).

Why Topic

In short order we'll add our 800th repo. This large number clearly demonstrates the success of using GitHub and our Open Source initiative. This huge success means its critical that we work to make our content as discoverable as possible; Through discoverability, we promote code reuse across a large decentralized organization like the Government of British Columbia as well as allow ministries to find the repos they own.

What to do

Below is a table of abbreviation a.k.a short codes for each ministry; they're the ones used in all @gov.bc.ca email addresses. Please add the short codes of the ministry or organization that "owns" this repo as a topic.

add a topic

That's in, you're done!!!

How to use

Once topics are added, you can use them in GitHub's search. For example, enter something like org:bcgov topic:citz to find all the repos that belong to Citizens' Services. You can refine this search by adding key words specific to a subject you're interested in. To learn more about searching through repos check out GitHub's doc on searching.

Pro Tip ๐Ÿค“

  • If your org is not in the list below, or the table contains errors, please create an issue here.

  • While you're doing this, add additional topics that would help someone searching for "something". These can be the language used javascript or R; something like opendata or data for data only repos; or any other key words that are useful.

  • Add a meaningful description to your repo. This is hugely valuable to people looking through our repositories.

  • If your application is live, add the production URL.

Ministry Short Codes

Short Code Organization Name
AEST Advanced Education, Skills & Training
AGRI Agriculture
ALC Agriculture Land Commission
AG Attorney General
MCF Children & Family Development
CITZ Citizens' Services
DBC Destination BC
EMBC Emergency Management BC
EAO Environmental Assessment Office
EDUC Education
EMPR Energy, Mines & Petroleum Resources
ENV Environment & Climate Change Strategy
FIN Finance
FLNR Forests, Lands, Natural Resource Operations & Rural Development
HLTH Health
FLNR Indigenous Relations & Reconciliation
JEDC Jobs, Economic Development & Competitiveness
LBR Labour Policy & Legislation
LDB BC Liquor Distribution Branch
MMHA Mental Health & Addictions
MAH Municipal Affairs & Housing
BCPC Pension Corporation
PSA Public Safety & Solicitor General & Emergency B.C.
SDPR Social Development & Poverty Reduction
TCA Tourism, Arts & Culture
TRAN Transportation & Infrastructure

NOTE See an error or omission? Please create an issue here to get it remedied.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.