
GEO-36 SSO Keycloak Authentication Integration #34


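# Pull-request workflow: builds the four container images, runs the one-off
# OpenShift init template, then deploys database, backend and frontend into a
# per-PR zone (ZONE is the pull-request number).
#
# Review notes:
# - No top-level `permissions:` key is set. Only the `builds` job narrows the
#   GITHUB_TOKEN (packages: write); the two deploy jobs inherit the
#   repository/organisation default. Consider an explicit least-privilege
#   `permissions:` block on them once it is confirmed what the deployer
#   action needs.
# - NOTE(review): the `bcgov-nr/[email protected]` references below are an
#   e-mail-obfuscation artifact of the page this listing was taken from; the
#   real `name@ref` must be restored from the repository. When doing so,
#   prefer pinning third-party actions to a full commit SHA rather than a
#   mutable tag.
name: Build And Deploy to Sandbox in Dev namespace
on:
  pull_request:
    branches:
      - main
concurrency:
  # PR open and close use the same group, allowing only one at a time
  group: pr-${{ github.workflow }}-${{ github.event.number }}
  cancel-in-progress: true
jobs:
  builds:
    # Skip pull requests whose head branch lives in a fork.
    if: '!github.event.pull_request.head.repo.fork'
    name: Build Containers for OpenShift Deployment
    runs-on: ubuntu-22.04
    # Declaring any permission sets every unlisted scope to none, so this job's
    # token can only write packages.
    permissions:
      packages: write
    strategy:
      matrix:
        package: [backend, database, database-migrations, frontend]
        include:
          - package: backend
            triggers: ('backend/')
            build_file: ./backend/Dockerfile
            build_context: ./backend
          - package: database
            triggers: ('database/')
            build_file: ./database/Dockerfile
            build_context: ./database
          - package: frontend
            triggers: ('frontend/')
            build_file: ./frontend/Dockerfile
            build_context: ./frontend
          - package: database-migrations
            triggers: ('backend/db')
            build_file: ./backend/db/Dockerfile
            build_context: ./backend/db
    steps:
      - uses: actions/checkout@v3
      - uses: bcgov-nr/[email protected]
        with:
          package: ${{ matrix.package }}
          tag: ${{ github.event.number }}
          tag_fallback: test
          token: ${{ secrets.GITHUB_TOKEN }}
          triggers: ${{ matrix.triggers }}
          build_file: ${{ matrix.build_file }}
          build_context: ${{ matrix.build_context }}
  deploy-init:
    # Skip pull requests whose head branch lives in a fork.
    if: '!github.event.pull_request.head.repo.fork'
    name: Deploy Init to OpenShift
    environment: dev
    runs-on: ubuntu-22.04
    steps:
      # Generates a fresh RSA-4096 key pair with an empty passphrase on every
      # run and publishes both halves as step outputs. Step outputs are not
      # repository secrets and are not masked automatically, so the private
      # key lines are registered with `::add-mask::` before being written.
      - name: generate private and public key
        id: generateKey
        shell: bash
        run: |
          # Delimiter for the multi-line `name<<DELIM` output syntax. PEM
          # content never contains a line equal to it.
          EOF=" "
          ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key -q -N ""
          openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
          # Mask each line of the private key so that later steps which print
          # their inputs do not leak it into the job log.
          while IFS= read -r key_line; do
            if [ -n "$key_line" ]; then
              echo "::add-mask::$key_line"
            fi
          done < jwtRS256.key
          UI_PRIVATE_KEY_VAL=$(cat jwtRS256.key)
          UI_PUBLIC_KEY_VAL=$(cat jwtRS256.key.pub)
          {
            echo "UI_PUBLIC_KEY<<$EOF"
            echo "$UI_PUBLIC_KEY_VAL"
            echo "$EOF"
            echo "UI_PRIVATE_KEY<<$EOF"
            echo "$UI_PRIVATE_KEY_VAL"
            echo "$EOF"
          } >> "$GITHUB_OUTPUT"
      - uses: bcgov-nr/[email protected]
        with:
          file: common/openshift.init.yml
          oc_namespace: ${{ vars.OC_NAMESPACE }}
          oc_server: ${{ vars.OC_SERVER }}
          oc_token: ${{ secrets.OC_TOKEN }}
          overwrite: false
          # The Keycloak client secret and the generated private key are
          # interpolated into one parameter string. How the action hands this
          # string to `oc` is not visible here; presumably it ends up on a
          # command line, so verify the action does not echo it and consider
          # delivering key material by another route (e.g. a pre-created
          # cluster Secret).
          # NOTE(review): this job defines no matrix, so `matrix.name` in the
          # PROMOTE value below evaluates to an empty string; confirm the init
          # template really needs PROMOTE.
          parameters:
            -p ZONE=${{ github.event.number }} -p NAME=${{ github.event.repository.name }}
            -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{ github.event.number }}
            -p KEYCLOAK_CLIENT_ID=${{ secrets.KEYCLOAK_CLIENT_ID }} -p KEYCLOAK_CLIENT_SECRET=${{ secrets.KEYCLOAK_CLIENT_SECRET }}
            -p KEYCLOAK_URL=${{ secrets.KEYCLOAK_URL }} -p UI_PRIVATE_KEY="${{ steps.generateKey.outputs.UI_PRIVATE_KEY }}"
            -p UI_PUBLIC_KEY="${{ steps.generateKey.outputs.UI_PUBLIC_KEY }}"
  deploys:
    name: Deploy Containers to OpenShift
    environment: dev
    # No fork guard of its own: the job depends on `deploy-init` and `builds`,
    # and is skipped whenever those are skipped.
    needs:
      - deploy-init
      - builds
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        name: [database, backend, frontend]
        include:
          - name: database
            file: database/openshift.deploy.yml
            overwrite: false
          - name: backend
            file: backend/openshift.deploy.yml
            overwrite: true
            triggers: ('database/', 'backend/', 'frontend/')
            verification_path: /api
            parameters: -p PROMOTE_MIGRATION=${{ github.repository }}/database-migrations:${{ github.event.number }}
          - name: frontend
            file: frontend/openshift.deploy.yml
            overwrite: true
            triggers: ('database/', 'backend/', 'frontend/')
    steps:
      - uses: bcgov-nr/[email protected]
        with:
          file: ${{ matrix.file }}
          oc_namespace: ${{ vars.OC_NAMESPACE }}
          oc_server: ${{ vars.OC_SERVER }}
          oc_token: ${{ secrets.OC_TOKEN }}
          overwrite: ${{ matrix.overwrite }}
          parameters:
            -p ZONE=${{ github.event.number }} -p NAME=${{ github.event.repository.name }}
            -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{ github.event.number }}
            ${{ matrix.parameters }}
          triggers: ${{ matrix.triggers }}
          verification_path: ${{ matrix.verification_path }}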