From 251d9581539a1b695d8cd93a2612965828cc8356 Mon Sep 17 00:00:00 2001
From: Andreas Salhus Bakseter <141913422+baksetercx@users.noreply.github.com>
Date: Fri, 10 May 2024 10:42:58 +0200
Subject: [PATCH] Test examples
---
 .github/workflows/test-actions-examples.yml | 22 ++++
 .github/workflows/test-actions.yml | 7 ++
 README.md | 127 +-------------------
 examples/build-deploy-google.yml | 112 +++++++++++++++++
 examples/build-deploy.yml | 97 +++++++++++++++
 5 files changed, 242 insertions(+), 123 deletions(-)
 create mode 100644 .github/workflows/test-actions-examples.yml
 create mode 100644 examples/build-deploy-google.yml
 create mode 100644 examples/build-deploy.yml
diff --git a/.github/workflows/test-actions-examples.yml b/.github/workflows/test-actions-examples.yml
new file mode 100644
index 0000000..f8fffd4
--- /dev/null
+++ b/.github/workflows/test-actions-examples.yml
@@ -0,0 +1,22 @@
+name: Test workflow examples
+
+on:
+ push:
+ branches: [trunk]
+ # TODO: remove
+ pull_request:
+ branches: [trunk]
+
+jobs:
+ test-examples:
+ name: Test examples
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Test 'build-deploy.yml'
+ uses: ./examples/build-deploy.yml
+
+ - name: Test 'build-deploy-google.yml'
+ uses: ./examples/build-deploy-google.yml
diff --git a/.github/workflows/test-actions.yml b/.github/workflows/test-actions.yml
index 6aad81c..d4951ed 100644
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -14,6 +14,7 @@ jobs:
 unittests:
 name: Run unit tests
 runs-on: ubuntu-latest
+ if: false # TODO: remove
 permissions:
 contents: read
 checks: write
@@ -30,6 +31,7 @@ jobs:
 analyze:
 name: Run CodeQL analysis
 runs-on: ubuntu-latest
+ if: false # TODO: remove
 permissions:
 actions: read
 contents: read
@@ -45,6 +47,7 @@ jobs:
 build:
 name: Build
 runs-on: ubuntu-latest
+ if: false # TODO: remove
 permissions:
 contents: read
 id-token: write
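Review bot: The two steps `uses: ./examples/build-deploy.yml` and `uses: ./examples/build-deploy-google.yml` in `test-examples` cannot exercise the example workflows. A step-level `uses` with a local path expects a directory holding an action metadata file, whereas a workflow file can only be reused at job level (`jobs.<job_id>.uses`), must declare `on: workflow_call`, and must live under `.github/workflows/`. In this patch only `build-deploy-google.yml` declares `workflow_call`, so even a job-level call would not work for `build-deploy.yml`. I would either lint the example files in a step instead, or move them to `.github/workflows/` and call each from its own job with `uses: ./.github/workflows/build-deploy.yml`.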
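Review bot: The added `if: false # TODO: remove` on `unittests`, `analyze` and `build` (and, in the four hunks that follow, on both deploy jobs, `trivy_iac_scan` and `terraform_format_check`) turns off the unit tests, the CodeQL analysis and the Trivy IaC scan for every push and pull request to trunk. A job skipped by its `if:` condition reports success, so required status checks in branch protection will not flag that the scans never ran. These lines should be dropped before the patch is merged; if the jobs have to stay disabled during review, give the TODO an owner and issue reference, e.g. `if: false # TODO(<owner>): re-enable before merge, see <issue>`. Each job body continues outside its hunk.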
@@ -66,6 +69,7 @@ jobs: name: Deploy to dev on AKS needs: [build] runs-on: ubuntu-latest + if: false # TODO: remove permissions: contents: read id-token: write @@ -87,6 +91,7 @@ jobs: name: Deploy to dev on GKE needs: [build] runs-on: ubuntu-latest + if: false # TODO: remove permissions: contents: read id-token: write @@ -109,6 +114,7 @@ jobs: trivy_iac_scan: runs-on: ubuntu-latest name: Scan IaC with Trivy + if: false # TODO: remove permissions: actions: read contents: read @@ -124,6 +130,7 @@ jobs: terraform_format_check: runs-on: ubuntu-latest name: Check Terraform code formatting + if: false # TODO: remove steps: - name: Checkout repository uses: actions/checkout@v4 diff --git a/README.md b/README.md index ee9d139..1e9e81d 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,10 @@ GitHub Actions templates for the Elvia organization. # Actions +## Examples + +See [examples](examples) for how to use the actions in a full workflow. + ## Build 
@@ -166,129 +170,6 @@ This action requires the following [permissions](https://docs.github.com/en/acti -### Example usage in a full workflow - -```yaml -name: Build and deploy to Kubernetes - -on: - push: - branches: [trunk] - pull_request: - branches: [trunk] - -env: - APPLICATION_NAME: demo-api - SYSTEM_NAMESPACE: core - -jobs: - unittests: - name: Unit Tests - runs-on: ubuntu-latest - permissions: - contents: read - checks: write - issues: read - pull-requests: write - steps: - - uses: 3lvia/core-github-actions-templates/unittest@trunk - - analyze: - name: Run CodeQL analysis - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - steps: - - uses: 3lvia/core-github-actions-templates/unittest@trunk - - build: - name: Build - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - environment: build - steps: - - uses: 3lvia/core-github-actions-templates/build@trunk - with: - name: ${{ env.APPLICATION_NAME }} - namespace: ${{ env.SYSTEM_NAMESPACE }} - dockerfile: '.github/test/src/Dockerfile' - AZURE_CLIENT_ID: ${{ vars.ACR_CLIENT_ID }} - - deploy_dev: - name: Deploy to dev - needs: [build, analyze] - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - environment: dev - steps: - - uses: 3lvia/core-github-actions-templates/deploy@trunk - with: - name: ${{ env.APPLICATION_NAME }} - namespace: ${{ env.SYSTEM_NAMESPACE }} - environment: 'dev' - helm-values-path: '.github/test/deploy/values.yaml' - AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }} - - deploy_test: - name: Deploy to test - needs: [deploy_dev] - runs-on: ubuntu-latest - environment: test - # Only on push to trunk - if: github.ref == 'refs/heads/trunk' - steps: - - uses: 3lvia/core-github-actions-templates/deploy@trunk - with: - name: ${{ env.APPLICATION_NAME }} - namespace: ${{ env.SYSTEM_NAMESPACE }} - environment: 'test' - helm-values-path: '.github/deploy/values.yaml' - AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }} - - 
deploy_prod: - name: Deploy Prod - needs: [deploy_test] - runs-on: ubuntu-latest - environment: prod - # Only on push to trunk - if: github.ref == 'refs/heads/trunk' - steps: - - uses: 3lvia/core-github-actions-templates/deploy@trunk - with: - name: ${{ env.APPLICATION_NAME }} - namespace: ${{ env.SYSTEM_NAMESPACE }} - environment: 'prod' - helm-values-path: '.github/deploy/values.yaml' - AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }} - - #Example for deploying to GKE: - # - #deploy_gke_dev: - # name: Deploy to dev on GKE - # needs: [build, analyze] - # runs-on: ubuntu-latest - # permissions: - # contents: read - # id-token: write - # environment: dev - # steps: - # - uses: 3lvia/core-github-actions-templates/deploy@trunk - # with: - # name: ${{ env.APPLICATION_NAME }} - # namespace: ${{ env.SYSTEM_NAMESPACE }} - # environment: 'dev' - # helm-values-path: '.github/test/deploy/values.yaml' - # runtime-cloud-provider: 'GKE' - # GC_SERVICE_ACCOUNT: ${{ vars.GC_SERVICE_ACCOUNT }} - # GC_WORKLOAD_IDENTITY_PROVIDER: ${{ vars.GC_WORKLOAD_IDENTITY_PROVIDER }} -``` - ## Deploy diff --git a/examples/build-deploy-google.yml b/examples/build-deploy-google.yml new file mode 100644 index 0000000..59444c7 --- /dev/null +++ b/examples/build-deploy-google.yml 
@@ -0,0 +1,112 @@
+name: Build and deploy to Kubernetes on Google Cloud
+
+on:
+ push:
+ branches: [trunk]
+ pull_request:
+ branches: [trunk]
+ # NOTE: this is for internal testing, remove this line when copying to your project
+ workflow_call:
+ # NOTE: this is for internal testing, remove this line when copying to your project
+
+env:
+ APPLICATION_NAME: 'demo-api'
+ SYSTEM_NAMESPACE: 'core'
+
+jobs:
+ unittests:
+ name: Run unit tests
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ checks: write
+ issues: read
+ pull-requests: write
+ steps:
+ - uses: 3lvia/core-github-actions-templates/unittest@trunk
+
+ analyze:
+ name: Run CodeQL analysis
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - uses: 3lvia/core-github-actions-templates/unittest@trunk
+
+ build:
+ name: Build
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: build
+ steps:
+ - uses: 3lvia/core-github-actions-templates/build@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ dockerfile: '.github/test/src/Dockerfile'
+ AZURE_CLIENT_ID: ${{ vars.ACR_CLIENT_ID }}
+
+ deploy-dev:
+ name: Deploy to dev
+ needs: [build, analyze]
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: dev
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'dev'
+ helm-values-path: '.github/test/deploy/values.yaml'
+ runtime-cloud-provider: 'GKE'
+ GC_SERVICE_ACCOUNT: ${{ vars.GC_SERVICE_ACCOUNT }}
+ GC_WORKLOAD_IDENTITY_PROVIDER: ${{ vars.GC_WORKLOAD_IDENTITY_PROVIDER }}
+
+ deploy-test:
+ name: Deploy to test
+ needs: [deploy-dev]
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: test
+ # Only on push to trunk
+ if: github.ref == 'refs/heads/trunk'
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'prod'
+ helm-values-path: '.github/test/deploy/values.yaml'
+ runtime-cloud-provider: 'GKE'
+ GC_SERVICE_ACCOUNT: ${{ vars.GC_SERVICE_ACCOUNT }}
+ GC_WORKLOAD_IDENTITY_PROVIDER: ${{ vars.GC_WORKLOAD_IDENTITY_PROVIDER }}
+
+ deploy-prod:
+ name: Deploy to prod
+ needs: [deploy-test]
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: test
+ # Only on push to trunk
+ if: github.ref == 'refs/heads/trunk'
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'prod'
+ helm-values-path: '.github/test/deploy/values.yaml'
+ runtime-cloud-provider: 'GKE'
+ GC_SERVICE_ACCOUNT: ${{ vars.GC_SERVICE_ACCOUNT }}
+ GC_WORKLOAD_IDENTITY_PROVIDER: ${{ vars.GC_WORKLOAD_IDENTITY_PROVIDER }}
diff --git a/examples/build-deploy.yml b/examples/build-deploy.yml
new file mode 100644
index 0000000..0d0166f
--- /dev/null
+++ b/examples/build-deploy.yml
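Review bot: The job-level GitHub environment and the `environment` input passed to the deploy action disagree in the last two jobs: `deploy-test` runs under `environment: test` but passes `environment: 'prod'`, and `deploy-prod` passes `'prod'` while bound to `environment: test`. Copied as-is, the test stage would deploy to production, and both production deploys would be gated by the `test` environment's protection rules and variables rather than `prod`'s. The fix is `environment: 'test'` in the `with:` block of `deploy-test` and `environment: prod` at job level in `deploy-prod`. Separately, the `analyze` job named "Run CodeQL analysis" (here and in `examples/build-deploy.yml`) runs `3lvia/core-github-actions-templates/unittest@trunk`, which looks like a copy of the unit-test step, so the example presumably performs no CodeQL scan at all.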
@@ -0,0 +1,97 @@
+name: Build and deploy to Kubernetes
+
+on:
+ push:
+ branches: [trunk]
+ pull_request:
+ branches: [trunk]
+
+env:
+ APPLICATION_NAME: 'demo-api'
+ SYSTEM_NAMESPACE: 'core'
+
+jobs:
+ unittests:
+ name: Run unit tests
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ checks: write
+ issues: read
+ pull-requests: write
+ steps:
+ - uses: 3lvia/core-github-actions-templates/unittest@trunk
+
+ analyze:
+ name: Run CodeQL analysis
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - uses: 3lvia/core-github-actions-templates/unittest@trunk
+
+ build:
+ name: Build
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: build
+ steps:
+ - uses: 3lvia/core-github-actions-templates/build@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ dockerfile: '.github/test/src/Dockerfile'
+ AZURE_CLIENT_ID: ${{ vars.ACR_CLIENT_ID }}
+
+ deploy-dev:
+ name: Deploy to dev
+ needs: [build, analyze]
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ environment: dev
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'dev'
+ helm-values-path: '.github/test/deploy/values.yaml'
+ AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }}
+
+ deploy-test:
+ name: Deploy to test
+ needs: [deploy-dev]
+ runs-on: ubuntu-latest
+ environment: test
+ # Only on push to trunk
+ if: github.ref == 'refs/heads/trunk'
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'test'
+ helm-values-path: '.github/deploy/values.yaml'
+ AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }}
+
+ deploy-prod:
+ name: Deploy Prod
+ needs: [deploy-test]
+ runs-on: ubuntu-latest
+ environment: prod
+ # Only on push to trunk
+ if: github.ref == 'refs/heads/trunk'
+ steps:
+ - uses: 3lvia/core-github-actions-templates/deploy@trunk
+ with:
+ name: ${{ env.APPLICATION_NAME }}
+ namespace: ${{ env.SYSTEM_NAMESPACE }}
+ environment: 'prod'
+ helm-values-path: '.github/deploy/values.yaml'
+ AZURE_CLIENT_ID: ${{ vars.AKS_CLIENT_ID }}
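Review bot: `deploy-test` and `deploy-prod` carry no `permissions:` block, unlike `deploy-dev` in this file and all three deploy jobs in `examples/build-deploy-google.yml`. Without one, the jobs fall back to the repository's default `GITHUB_TOKEN` permissions, which may be broader than a deploy needs, and they never receive `id-token: write`, which the deploy action presumably requires for the federated login implied by `AZURE_CLIENT_ID`. Both jobs should declare `permissions:` with `contents: read` and `id-token: write`, matching `deploy-dev`. Since the file is meant to be copied into other projects, it is also worth a comment that the `@trunk` references are mutable, and that consumers who need reproducible, reviewable deploys should pin the actions to a commit SHA or release tag.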