Merge in github actions and terraform changes (#55)

* Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update mvn-client.yml * Update Dockerfile * Update mvn-client.yml * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Update Dockerfile * Expandions and fixes to terraform deployment * Revert "Update pom.xml" This reverts commit faebfda. * no message * no message * Update mvn-client.yml * Update mvn-server.yml * Update Dockerfile * Update mvn-client.yml * Update mvn-server.yml * Update Dockerfile * Update Dockerfile * Changed deployment * added missing trigger * fixed typo * removed whitespace * Fixed syntax error * fixed error using incorrect workflows * fixed typos * fixed typos * Fixed typos * Update click-build-dev.yml * Update click-build-dev.yml * Update click-build-dev.yml * Update mvn-server.yml * Update mvn-server.yml * Update mvn-server.yml * Update click-build-dev.yml * Update click-build-dev.yml * Update click-build-dev.yml * Updated terraform scripts for ministry AWS * Update log4j2.xml Commented out rollingfile config in log4j2.xml * Update log4j2.xml * Update mvn-server.yml * Seperated out local deploy, added terragrunt action * fixed typo * Fixed missing entries * Fixed typos * Fixed typos, parameterized subnet filter * Added missing environmental variable * Added configure aws credentials step * Added missing credentials * Revert "Update log4j2.xml" This reverts commit 19cce34. * Revert "Update log4j2.xml" This reverts commit 3851c6e. * no message * Updated log4j to remove file appender * Update terragrunt-deploy.yml * Updated tfc_organization * Update terragrunt-deploy.yml * parameterized project name * moved variable declaration * Update mvn-server.yml * removed unused security group reference * Update mvn-server.yml generalized property input step * Update click-build-dev.yml * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Update click-build-dev.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-server.yml * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-server.yml * Updated terraform scripts to account for shared workspaces * FIxed typos * Fixed typos * Fixed typo * fixed missing resource name * removed hardcoded vpc ids * Fixed missing quotes * fixed use of obsolete variable * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Changed alb to use * Fixed typos * Switched to using seperate VPC * Fixed typo * Fixed typos * remoned unused variables * Fixed reference to removed resource * Removed custom VPC usage * removed bad references * Updates for use with existing VPC * Update click-build-test.yml * Update terragrunt-deploy.yml * fixed duplicate names * Fixed typos * Update terragrunt-deploy.yml * Update click-build-test.yml * Reverted VPC changes for permissionns reasons * Automatically generated cidr blocks * Fixxed typo * Reduced health check interval to max permitted value * Removed custom alb * Changed port on client to avoid conflicts, updated rds subnet group * Added missing name parameter * Forced ecs task and service creation * Update click-build-test.yml * Update mvn-client.yml removed outputs * Update mvn-server.yml Removed outputs * Added PR number fetching * Set PR number as needed * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Update terragrunt-deploy.yml * Expanded access permissions * Update click-build-test.yml * Change image repo * Update mvn-client.yml * changed ecr repo * Update click-build-dev.yml * Update mvn-client.yml Reverted repo changes * Update mvn-server.yml * updated dev terragrunt file * Updated bucket names * Add AWS credentials step for test purposes * Switched to using "network" module * Update mvn-client.yml * Update mvn-client.yml * Update mvn-server.yml * Update terragrunt-deploy.yml * Update mvn-client.yml * Update mvn-server.yml * Update terragrunt-deploy.yml * Set to use single listener on port 443 * Switched to use prexisting listener * Removed unneeded resource dependency * changed client port * Update click-build-dev.yml * Update mvn-client.yml * Update mvn-server.yml * Update terragrunt-deploy.yml * Update click-build-test.yml * Update click-build-dev.yml * Update terragrunt-deploy.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update main.tf (#5) * Removed contradictory capacity provider, updated client capacity provider strategy * Renamed workflows, added terragrunt plan workflow * Removed automation of old/sample scripts, added check before deploying to dev * Fixed syntax error * Added missing step * Split trivy-check and terragrunt plan into two seperate scripts * Fixed typos * fixed incorrect description * Update alb.tf (#7) * mandated trivy check after PR-triggered build * Update deploy-dev.yml * Updated triggers for dev deploy * Updated trivy test order * Update alb.tf * Update alb.tf * Removed check for test purposes * Fixed security group and client port in TEST deploy * Vivid cpreston patch 1 (#13) * Update deploy-dev.yml * Update trivy.yml * Update trivy.yml * Fixed duplicate names in trivy.yml * Update static.properties * Update dns.tf (#14) * Update dns.tf * Merge latest changes (#15) * kick off these old commit messeges away... (#37) * first commit * use incident manager as a kick off template * update angular core to 12 * update angular material to 12 * manually address the lightGallery update * angular 12 to 13 * angular 13 material update * log4j2 update * take out lightGallery * delete unused stuff part 1 * delete unused stuff part 2 * delete unused stuff part 3 * delete unused stuff part 4 * delete unused stuff part 5, skip the tokenService * rename to wfnews * clean out unused asset files * clean out unused layer configs * more clean up * sync with main * fix the useless merge differences * use wfcc new components * hide side menu * click footer navigate to related bcgov website * change spring security core to 5.5.7 * change spring-security-web and spring-security-config to 5.5.7.Release * change spring-security stuff form 5.5.7.Release to 5.5.7 * update spring-security-config in server pom * initial commit of hooking up localhost api * commit some state managements * save ongoing work * display active fire cournts * map layers icon * get rid of incidents store * clean up * left panel * left panel * Revert "left panel" This reverts commit dd996ae. * cancel the revert of last commit- left panel * more clean up * linter error fix 1 * Revert "Merge branch 'linting' into main" This reverts commit bd401b4, reversing changes made to 8b7f907. * wfnews-365 * add admin-panel component * add admin-panel component * admin component * table almost done * fireCentre Options * some styling adjustment * align page control * clean up * WFNEWS-256 Stages of Control accordion * clean up some console error * add sort module * add missing piece of filter * add in code changes to trigger the code scans? Co-authored-by: Dylan <[email protected]> * Fix config.jsp Co-authored-by: Lucas Li <[email protected]> Co-authored-by: Dylan <[email protected]> * Update deploy-dev.yml * Update static.properties Co-authored-by: Lucas Li <[email protected]> Co-authored-by: Dylan <[email protected]> * Update static.properties * Update deploy-dev.yml * Update mvn-client.yml * Vivid cpreston patch 1 (#16) * Update dns.tf * Merge latest changes (#15) * kick off these old commit messeges away... (#37) * first commit * use incident manager as a kick off template * update angular core to 12 * update angular material to 12 * manually address the lightGallery update * angular 12 to 13 * angular 13 material update * log4j2 update * take out lightGallery * delete unused stuff part 1 * delete unused stuff part 2 * delete unused stuff part 3 * delete unused stuff part 4 * delete unused stuff part 5, skip the tokenService * rename to wfnews * clean out unused asset files * clean out unused layer configs * more clean up * sync with main * fix the useless merge differences * use wfcc new components * hide side menu * click footer navigate to related bcgov website * change spring security core to 5.5.7 * change spring-security-web and spring-security-config to 5.5.7.Release * change spring-security stuff form 5.5.7.Release to 5.5.7 * update spring-security-config in server pom * initial commit of hooking up localhost api * commit some state managements * save ongoing work * display active fire cournts * map layers icon * get rid of incidents store * clean up * left panel * left panel * Revert "left panel" This reverts commit dd996ae. * cancel the revert of last commit- left panel * more clean up * linter error fix 1 * Revert "Merge branch 'linting' into main" This reverts commit bd401b4, reversing changes made to 8b7f907. * wfnews-365 * add admin-panel component * add admin-panel component * admin component * table almost done * fireCentre Options * some styling adjustment * align page control * clean up * WFNEWS-256 Stages of Control accordion * clean up some console error * add sort module * add missing piece of filter * add in code changes to trigger the code scans? Co-authored-by: Dylan <[email protected]> * Fix config.jsp Co-authored-by: Lucas Li <[email protected]> Co-authored-by: Dylan <[email protected]> * Update deploy-dev.yml * Update static.properties * Update deploy-dev.yml * Update deploy-test.yml * Update static.properties * Parameterized wfnews url in static.properties * Update deploy-dev.yml * Update deploy-dev.yml * Update deploy-dev.yml * Update mvn-client.yml Co-authored-by: Lucas Li <[email protected]> Co-authored-by: Dylan <[email protected]> * Update variables.tf (#17) * Update variables.tf * fix config file (#41) * add AuthGuard to Admin's routing * add webade oAuth in config.jsp * first store created for getIncident * more hook up and styling on admin table * useAppLogo -> isAdminPage * fix config.jsp * Update terragrunt.hcl Co-authored-by: Lucas Li <[email protected]> * Vivid cpreston patch 2 (#19) * Update ecs.tf * Update security.tf Opened postgresql connectivity for testing purposes * Update rds.tf Expanded database accessibility for test purposes * fixed missing id property * added resources to allow external DB access * Fixed incorrect variable name * Fixed syntax error * Add Tab on incident form, add rich text editor (#44) * Add Tab on incident form, add rich text editor * Link overview to data object * Form styling (#43) * Add default form styling * Fix style for select boxes * Add spatial query for area/evac order. Limit to fire only * Added managed secrets resources for db proxy * added explicit dependency to db proxy * Fixed inconsistent variable naming * Removed incompatible auth_scheme property * Non compliance cleanup (#45) * Cleanup for WFNEWS-397, 398, 401 * WFNEWS-403 * Temporarily removed non-functional db proxy settings * Update deploy-dev.yml * Update and rename main-merge.yml to pr.yml Co-authored-by: Dylan <[email protected]> * synced with bcgov repo * Update static.properties * Merge branch 'main' of https://github.com/bcgov/nr-bcws-wfnews into bcgov-main # Conflicts: # client/wfnews-war/src/main/resources/static.properties * Update rds.tf (#21) * Update deploy-dev.yml reverted build changes * Update deploy-dev.yml * Update rds.tf * Update deploy-dev.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-server.yml * Update mvn-client.yml * Update mvn-client.yml * Update mvn-server.yml * Update mvn-client.yml * Update ecs.tf * Update deploy-dev.yml Co-authored-by: Lucas Li <[email protected]> Co-authored-by: Dylan <[email protected]>
bcgov · Aug 30, 2022 · c4272e0 · c4272e0
1 parent af8e681
commit c4272e0
Show file tree

Hide file tree

Showing 34 changed files with 2,188 additions and 244 deletions.
diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml
@@ -0,0 +1,73 @@
+name: Deploy Dev
+
+env:
+  REGISTRY: ghcr.io
+  WEBADE_JCRS_URL: ${{ secrets.WEBADE_JCRS_URL }}
+  NPMRC: ${{ secrets.NPMRC }}
+  TRIGGERS: ('client/' 'server/' '.github/workflows')
+on:
+  pull_request:
+    types:
+      - closed
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+    paths:
+      - ".github/workflows/deploy-dev.yml"
+      - ".github/workflows/mvn-client.yml"
+      - ".github/workflows/mvn-server.yml"
+      - ".github/workflows/terragrunt-deploy.yml"
+      - "client/**"
+      - "server/**"
+      - "terraform/**"
+      - "Dockerfile"
+      - "!**/README.md"
+
+jobs:
+
+  call-mvn-client:
+    if: github.event.pull_request.merged == true
+    uses: ./.github/workflows/mvn-client.yml
+    secrets: inherit
+    with: 
+      REGISTRY: ghcr.io
+      #TARGET_ENV used when generating self-referential url
+      TARGET_ENV: dev
+
+  call-mvn-server:
+    if: github.event.pull_request.merged == true
+    uses: ./.github/workflows/mvn-server.yml
+    #SMTP_PASSWORD, DV_PASSWORD AND TFC_PROJECT ARE STORED AS SECRET
+    with:
+      REGISTRY: ghcr.io
+      EMAIL_ENABLED: true
+      SMTP_HOSTNAME: sample.com
+      SMTP_USER: [email protected]
+      SMTP_FROM_EMAIL: [email protected]
+      ADMIN_EMAIL: [email protected]
+      EMAIL_SYNC_ERROR_FREQUENCY: 30
+      EMAIL_SYNC_SEND_FREQUENCY: 60
+      EMAIL_SYNC_ERROR_SUBJECT: ERROR
+      EMAIL_SYNC_SUBJECT: MESSAGE
+      DEFAULT_APPLICATION_ENVIRONMENT: wfnews
+    secrets: inherit
+
+
+#  trivy:
+#    # if: needs.check.outputs.build == 'true'
+#    needs: [call-mvn-client, call-mvn-server]
+#    uses: ./.github/workflows/trivy.yml
+
+  terragrunt-deploy:
+    # if: needs.check.outputs.build == 'true'
+    uses: ./.github/workflows/terragrunt-deploy.yml
+    needs: [trivy]
+    with:
+      REGISTRY: ghcr.io
+      #Server and Image name get PR number as appropriate inside deploy step
+      CLIENT_IMAGE: nr-bcws-wfnews-client
+      SERVER_IMAGE: nr-bcws-wfnews-server
+      TARGET_ENV: dev
+      ALB_NAME: default
+      VPC_NAME: Dev_vpc
+      SUBNET_FILTER: App
+    secrets: inherit
diff --git a/.github/workflows/deploy-dev_OLD.yaml b/.github/workflows/deploy-dev_OLD.yaml
@@ -0,0 +1,46 @@
+Name: Deploy Dev - OLD
+# change to trigger a PR
+on:
+  workflow_dispatch:
+#   workflow_run:
+#     workflows:
+#       - Pull Request
+#     types:
+#       - completed
+
+env:
+  #NOTE: Server Image ID and Client Image ID are set in pr-open.yml, after the images are built
+  #SERVER_IMAGE: ${{ secrets.AWS_ECR_URI }}
+  #CLIENT_IMAGE: 
+  TF_VERSION: 1.2.2
+  TG_VERSION: 0.37.1
+  TG_SRC_PATH: terraform
+  TFC_WORKSPACE: dev
+
+jobs:
+  cd:
+    name: cd
+    runs-on: ubuntu-22.04
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.workflow_run.head_branch }}
+
+      - uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: ${{ env.TF_VERSION }}
+          cli_config_credentials_token: ${{ secrets.TFC_TEAM_TOKEN }}
+
+      - uses: peter-murray/[email protected]
+        with:
+          terragrunt_version: ${{ env.TG_VERSION }}
+
+      - name: Terragrunt Apply
+        working-directory: ${{ env.TG_SRC_PATH }}/${{ env.TFC_WORKSPACE }}
+        env:
+          server_image: ${{ env.SERVER_IMAGE }}
+          client_image: ${{ env.CLIENT_IMAGE}}
+        run: terragrunt run-all apply --terragrunt-non-interactive
diff --git a/.github/workflows/deploy-test.yml b/.github/workflows/deploy-test.yml
@@ -0,0 +1,47 @@
+
+name: Deploy Test
+
+env:
+  REGISTRY: ghcr.io
+  WEBADE_JCRS_URL: ${{ secrets.WEBADE_JCRS_URL }}
+  NPMRC: ${{ secrets.NPMRC }}
+on:
+  workflow_dispatch:
+
+jobs:
+  call-mvn-client:
+    uses: ./.github/workflows/mvn-client.yml
+    secrets: inherit
+    with:
+      REGISTRY: ghcr.io
+      TARGET_ENV: test
+  call-mvn-server:
+    uses: ./.github/workflows/mvn-server.yml
+    #SMTP_PASSWORD, DV_PASSWORD AND TFC_PROJECT ARE STORED AS SECRET
+    with:
+      EMAIL_ENABLED: true
+      SMTP_HOSTNAME: sample.com
+      SMTP_USER: [email protected]
+      SMTP_FROM_EMAIL: [email protected]
+      ADMIN_EMAIL: [email protected]
+      EMAIL_SYNC_ERROR_FREQUENCY: 30
+      EMAIL_SYNC_SEND_FREQUENCY: 60
+      EMAIL_SYNC_ERROR_SUBJECT: ERROR
+      EMAIL_SYNC_SUBJECT: MESSAGE
+      DEFAULT_APPLICATION_ENVIRONMENT: wfnews
+      REGISTRY: ghcr.io
+    secrets: inherit
+  terragrunt-deploy:
+    uses: ./.github/workflows/terragrunt-deploy.yml
+    needs: [call-mvn-client, call-mvn-server]
+    with:
+      #Server and Image name get PR number as appropriate inside deploy step
+      CLIENT_IMAGE: nr-bcws-wfnews-client
+      SERVER_IMAGE: nr-bcws-wfnews-server
+      TARGET_ENV: test
+      ALB_NAME: Core-Pp93w9Test-2F70A1-alb
+      VPC_NAME: Test_vpc
+      SUBNET_FILTER: App
+      REGISTRY: ghcr.io
+    secrets: inherit
+
diff --git a/.github/workflows/mvn-client.yml b/.github/workflows/mvn-client.yml
@@ -0,0 +1,123 @@
+# This is a basic workflow to help you get started with Actions
+
+name: Build Client
+
+env:
+  IMAGE_NAME: ${{ github.repository }}-client
+  WEBADE_JCRS_URL: ${{ secrets.WEBADE_JCRS_URL }}
+  NPMRC: ${{ secrets.NPMRC }}
+
+# Controls when the workflow will run
+on:
+  workflow_call:
+    inputs:
+      REGISTRY:
+        required: true
+        type: string
+      TARGET_ENV:
+        required: true
+        type: string
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: Add .npmrc file
+        run: echo -e $NPMRC > ~/.npmrc
+
+      - name: Add self-referential URL
+        run: sed -i 's/#{wfnews.url}/https:\/\/wfnews-client.pp93w9-${{ inputs.TARGET_ENV }}.nimbus.cloud.gov.bc.ca/' client/wfnews-war/src/main/resources/static.properties
+
+      - name: Build with Maven
+        run: mvn --settings server/mvn_settings/settings.xml --batch-mode --update-snapshots -f client/pom.xml -Drepo.login=${{ secrets.IDIR_AS_EMAIL }} -Drepo.password=${{ secrets.IDIR_PASSWORD }} -DskipTests package
+
+      - name: Copy files to neccessary folders
+        run: mkdir staging && cp client/wfnews-war/target/*.war staging
+
+      - uses: actions/upload-artifact@v3
+        with:
+         name: Package-client
+         path: staging
+
+      - name: Cache local Maven repository
+        uses: actions/cache@v2
+        with:
+          path: staging
+          key: ${{ runner.os }}-maven-${{ hashFiles('**war.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+         
+  docker:
+    needs: build
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: Package-client
+          path: .
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ inputs.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        if: ${{ github.event.pull_request.number > 0 }}
+        id: meta_pr
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ inputs.REGISTRY}}/${{ env.IMAGE_NAME }}-${{ github.event.pull_request.number}}
+          tags: |
+            type=schedule
+            type=raw,value=${{ github.base_ref }}
+            type=ref,event=tag
+            type=raw,value=pr-${{ github.event.pull_request.number}}
+      
+      - name: Extract metadata (tags, labels) for Docker
+        if: ${{ github.event.pull_request.number == '' }}
+        id: meta_nopr
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ inputs.REGISTRY}}/${{ env.IMAGE_NAME }}
+
+
+
+      - name: Build and push Docker image (no PR)
+        if: ${{ github.event.pull_request.number == '' }}
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta_nopr.outputs.tags }}
+          labels: ${{ steps.meta_nopr.outputs.labels }}
+
+      - name: Build and push Docker image (with PR)
+        if: ${{ github.event.pull_request.number > 0 }}
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta_pr.outputs.tags }}
+          labels: ${{ steps.meta_pr.outputs.labels }}
+