OpenShift Pet Clinic Workflow #643
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: OpenShift Pet Clinic Workflow | |
on: | |
push: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 0 * * *' # every day at midnight | |
env: | |
IMAGE_PATH: quay.io/redhat-github-actions/petclinic:latest | |
APP_NAME: petclinic | |
APP_PORT: 8080 | |
IMAGE_STREAM: ${{ secrets.OPENSHIFT_NAMESPACE }}/petclinic-${{ github.run_id }} | |
concurrency: | |
group: example-workflow | |
cancel-in-progress: false | |
jobs: | |
## To keep the workflow simple, we will only be using oc-new-app action in the workflow and use the | |
## 'petclinic' image which we already have on quay.io | |
##################################################################################################################### | |
## The OpenShift Deploy step deploys the image that we have previously created and present on quay.io | |
## It can then run any integration tests before deleting the resources that were created. | |
openshift-deploy: | |
name: Deploy to OpenShift | |
strategy: | |
max-parallel: 1 | |
fail-fast: false | |
matrix: | |
image-source: [ "IMAGE_PATH", "IMAGE_STREAM" ] | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout action | |
uses: actions/checkout@v4 | |
# Use the commit short-sha as the suffix of the app_name | |
- name: Get commit short-sha | |
id: commit-data | |
uses: redhat-actions/common/commit-data@v1 | |
# Log into the OpenShift cluster using the secrets configured in the repository settings. | |
# The GitHub Ubuntu runners have oc pre-installed. | |
# If you're not using those runners, be sure to check out https://github.com/redhat-actions/openshift-tools-installer. | |
- name: OpenShift login | |
uses: redhat-actions/oc-login@v1 | |
with: | |
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
# openshift_username: | |
# openshift_password: | |
insecure_skip_tls_verify: true | |
namespace: ${{ secrets.OPENSHIFT_NAMESPACE }} | |
- name: Create Image stream from the image | |
if: ${{ matrix.image-source == 'IMAGE_STREAM' }} | |
run: | | |
oc create is ${{ env.APP_NAME }}-${{ github.run_id }} | |
oc import-image ${{ env.APP_NAME }}-${{ github.run_id }} --from ${{ env.IMAGE_PATH }} | |
# This step will create a deployment, service, and route to run your app and expose it to the internet. | |
- name: Create and expose app | |
id: oc-new-app | |
# uses: redhat-actions/oc-new-app@v1 Test the checked-out version of this action - a user would need the above 'uses'. | |
uses: ./ | |
env: | |
IMAGE: ${{ env[matrix.image-source] }} | |
with: | |
app_name: ${{ env.APP_NAME }}-${{ steps.commit-data.outputs.short_sha }} | |
image: ${{ env.IMAGE }} | |
namespace: ${{ secrets.OPENSHIFT_NAMESPACE }} | |
build_env: | | |
MY_ENV=MY_VALUE | |
# port: ${{ env.APP_PORT }} | |
# create_pull_secret_from: podman | |
# registry: quay.io | |
# registry_username: ${{ env.REGISTRY_USERNAME }} | |
# registry_password: ${{ secrets.REGISTRY_PASSWORD }} | |
- name: Echo outputs | |
run: | | |
echo "${{ toJSON(steps.oc-new-app.outputs) }}" | |
# Perform a (very) basic integration test. | |
# This step is retried since the time to pull the image and start the pod can vary. | |
- name: Test project is running | |
id: test-project | |
uses: nick-invision/retry@v2.2.0 | |
with: | |
timeout_seconds: 3 | |
retry_wait_seconds: 10 | |
max_attempts: 30 | |
warning_on_retry: false | |
# Just check that the root endpoint returns a success status (-f flag). | |
command: curl -sSfLi ${{ steps.oc-new-app.outputs.route }} | |
- name: Delete Image Stream | |
if: ${{ matrix.image-source == 'IMAGE_STREAM' && always() }} | |
run: | | |
oc delete is $(oc get is | grep ${{ env.APP_NAME }} | awk '{ print $1 }' ) | |
- name: Tear down | |
if: always() | |
run: | | |
oc delete all,secret --selector=${{ steps.oc-new-app.outputs.selector }} -n ${{ secrets.OPENSHIFT_NAMESPACE }} |