From 5f02b94cc8ee191467e760d98a50f3be8157be56 Mon Sep 17 00:00:00 2001 From: Spencer Bliven Date: Fri, 28 Jun 2024 14:47:34 +0200 Subject: [PATCH 1/2] Deploy scicat-backend-next - backend-next v4.5.1 - frontend v.4.4.2 --- .github/workflows/scicat-be-next.yml | 108 +++++++-------- .github/workflows/scicat-be.yml | 130 +++++++++--------- frontend | 2 +- helm/configs/frontend/development/config.json | 2 +- scicat-backend-next | 2 +- 5 files changed, 122 insertions(+), 122 deletions(-) diff --git a/.github/workflows/scicat-be-next.yml b/.github/workflows/scicat-be-next.yml index 3bee85a..696d571 100644 --- a/.github/workflows/scicat-be-next.yml +++ b/.github/workflows/scicat-be-next.yml @@ -1,59 +1,59 @@ -# name: scicat-be-next +name: scicat-be-next -# on: -# workflow_dispatch: -# inputs: -# submodule_commit: -# description: 'Commit of the submodule to deploy' -# required: false -# commit: -# description: 'Commit of the CI repo to deploy' -# required: false -# pull_request: -# branches: [ main ] -# push: -# branches: [ main ] -# release: -# types: [ published ] +on: + workflow_dispatch: + inputs: + submodule_commit: + description: 'Commit of the submodule to deploy' + required: false + commit: + description: 'Commit of the CI repo to deploy' + required: false + pull_request: + branches: [ main ] + push: + branches: [ main ] + release: + types: [ published ] -# jobs: +jobs: -# set_env: -# uses: ./.github/workflows/reusable.environment.yml -# with: -# commit: ${{ github.event.inputs.commit }} -# submodule_commit: ${{ github.event.inputs.submodule_commit }} + set_env: + uses: ./.github/workflows/reusable.environment.yml + with: + commit: ${{ github.event.inputs.commit }} + submodule_commit: ${{ github.event.inputs.submodule_commit }} -# check_changed: -# needs: set_env -# uses: ./.github/workflows/reusable.changes.yml -# with: -# files: | -# .github/workflows/scicat-be-next.yml -# helm/configs/backend-next/${{ needs.set_env.outputs.environment }}/** -# helm/configs/backend-next/values.yaml -# scicat-backend-next/** -# commit: ${{ needs.set_env.outputs.commit }} -# submodule_commit: ${{ github.event.inputs.submodule_commit }} -# submodule: scicat-backend-next + check_changed: + needs: set_env + uses: ./.github/workflows/reusable.changes.yml + with: + files: | + .github/workflows/scicat-be-next.yml + helm/configs/backend-next/${{ needs.set_env.outputs.environment }}/** + helm/configs/backend-next/values.yaml + scicat-backend-next/** + commit: ${{ needs.set_env.outputs.commit }} + submodule_commit: ${{ github.event.inputs.submodule_commit }} + submodule: scicat-backend-next -# build_deploy_scicat_backend_next: -# if: (needs.check_changed.outputs.changed == 'true' && !needs.set_env.outputs.component) || needs.set_env.outputs.component == 'bn' -# needs: -# - check_changed -# - set_env -# uses: ./.github/workflows/reusable.build-deploy.yml -# with: -# context: scicat-backend-next/. -# image_name: ${{ github.repository }}/backend-next -# release_name: backend-next -# tag: ${{ needs.set_env.outputs.tag }} -# environment: ${{ needs.set_env.outputs.environment }} -# commit: ${{ needs.set_env.outputs.commit }} -# submodule_commit: ${{ github.event.inputs.submodule_commit }} -# submodule: scicat-backend-next -# secrets: -# KUBECONFIG: ${{ secrets.KUBECONFIG }} -# JSON_SECRETS: ${{ toJSON(secrets) }} -# BASTION_USER: ${{ secrets.BASTION_USER }} -# BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }} + build_deploy_scicat_backend_next: + if: (needs.check_changed.outputs.changed == 'true' && !needs.set_env.outputs.component) || needs.set_env.outputs.component == 'bn' + needs: + - check_changed + - set_env + uses: ./.github/workflows/reusable.build-deploy.yml + with: + context: scicat-backend-next/. + image_name: ${{ github.repository }}/backend-next + release_name: backend-next + tag: ${{ needs.set_env.outputs.tag }} + environment: ${{ needs.set_env.outputs.environment }} + commit: ${{ needs.set_env.outputs.commit }} + submodule_commit: ${{ github.event.inputs.submodule_commit }} + submodule: scicat-backend-next + secrets: + KUBECONFIG: ${{ secrets.KUBECONFIG }} + JSON_SECRETS: ${{ toJSON(secrets) }} + BASTION_USER: ${{ secrets.BASTION_USER }} + BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }} diff --git a/.github/workflows/scicat-be.yml b/.github/workflows/scicat-be.yml index 236d7d2..fa12347 100644 --- a/.github/workflows/scicat-be.yml +++ b/.github/workflows/scicat-be.yml @@ -1,70 +1,70 @@ -name: scicat-be +# name: scicat-be -on: - workflow_dispatch: - inputs: - submodule_commit: - description: 'Commit of the submodule to deploy' - required: false - commit: - description: 'Commit of the CI repo to deploy' - required: false - pull_request: - branches: [ main ] - push: - branches: [ main ] - release: - types: [published] +# on: +# workflow_dispatch: +# inputs: +# submodule_commit: +# description: 'Commit of the submodule to deploy' +# required: false +# commit: +# description: 'Commit of the CI repo to deploy' +# required: false +# pull_request: +# branches: [ main ] +# push: +# branches: [ main ] +# release: +# types: [published] -jobs: +# jobs: - set_env: - uses: ./.github/workflows/reusable.environment.yml - with: - commit: ${{ github.event.inputs.commit }} - submodule_commit: ${{ github.event.inputs.submodule_commit }} +# set_env: +# uses: ./.github/workflows/reusable.environment.yml +# with: +# commit: ${{ github.event.inputs.commit }} +# submodule_commit: ${{ github.event.inputs.submodule_commit }} - check_changed: - needs: set_env - uses: ./.github/workflows/reusable.changes.yml - with: - files: | - .github/workflows/scicat-be.yml - helm/configs/backend/values.yaml - helm/configs/backend/login-callbacks.js - helm/configs/backend/config.local.js - helm/configs/backend/job-template.html - helm/configs/backend/${{ needs.set_env.outputs.environment }}/** - backend/** - helm/configs/backend/authorizedJobs.js - commit: ${{ needs.set_env.outputs.commit }} - submodule_commit: ${{ github.event.inputs.submodule_commit }} - submodule: backend +# check_changed: +# needs: set_env +# uses: ./.github/workflows/reusable.changes.yml +# with: +# files: | +# .github/workflows/scicat-be.yml +# helm/configs/backend/values.yaml +# helm/configs/backend/login-callbacks.js +# helm/configs/backend/config.local.js +# helm/configs/backend/job-template.html +# helm/configs/backend/${{ needs.set_env.outputs.environment }}/** +# backend/** +# helm/configs/backend/authorizedJobs.js +# commit: ${{ needs.set_env.outputs.commit }} +# submodule_commit: ${{ github.event.inputs.submodule_commit }} +# submodule: backend - build_deploy_scicat_be: - if: (needs.check_changed.outputs.changed == 'true' && !needs.set_env.outputs.component) || needs.set_env.outputs.component == 'be' - needs: - - check_changed - - set_env - uses: ./.github/workflows/reusable.build-deploy.yml - with: - context: backend/. - image_name: ${{ github.repository }}/be - release_name: backend - tag: ${{ needs.set_env.outputs.tag }} - environment: ${{ needs.set_env.outputs.environment }} - commit: ${{ needs.set_env.outputs.commit }} - submodule_commit: ${{ github.event.inputs.submodule_commit }} - submodule: backend - helm_set_files: >- - CONFIG_LOCAL=helm/configs/backend/config.local.js - LOGIN_CALLBACKS=helm/configs/backend/login-callbacks.js - MIDDLEWARE=helm/configs/backend/${{ needs.set_env.outputs.environment }}/middleware.json - EMAIL_TEMPLATE=helm/configs/backend/job-template.html - HIDE_EMAIL=helm/configs/backend/hideEmail.js - AUTHORIZED_JOBS=helm/configs/backend/authorizedJobs.js - secrets: - KUBECONFIG: ${{ secrets.KUBECONFIG }} - JSON_SECRETS: ${{ toJSON(secrets) }} - BASTION_USER: ${{ secrets.BASTION_USER }} - BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }} +# build_deploy_scicat_be: +# if: (needs.check_changed.outputs.changed == 'true' && !needs.set_env.outputs.component) || needs.set_env.outputs.component == 'be' +# needs: +# - check_changed +# - set_env +# uses: ./.github/workflows/reusable.build-deploy.yml +# with: +# context: backend/. +# image_name: ${{ github.repository }}/be +# release_name: backend +# tag: ${{ needs.set_env.outputs.tag }} +# environment: ${{ needs.set_env.outputs.environment }} +# commit: ${{ needs.set_env.outputs.commit }} +# submodule_commit: ${{ github.event.inputs.submodule_commit }} +# submodule: backend +# helm_set_files: >- +# CONFIG_LOCAL=helm/configs/backend/config.local.js +# LOGIN_CALLBACKS=helm/configs/backend/login-callbacks.js +# MIDDLEWARE=helm/configs/backend/${{ needs.set_env.outputs.environment }}/middleware.json +# EMAIL_TEMPLATE=helm/configs/backend/job-template.html +# HIDE_EMAIL=helm/configs/backend/hideEmail.js +# AUTHORIZED_JOBS=helm/configs/backend/authorizedJobs.js +# secrets: +# KUBECONFIG: ${{ secrets.KUBECONFIG }} +# JSON_SECRETS: ${{ toJSON(secrets) }} +# BASTION_USER: ${{ secrets.BASTION_USER }} +# BASTION_SSH_KEY: ${{ secrets.BASTION_SSH_KEY }} diff --git a/frontend b/frontend index eaf807e..d37eb34 160000 --- a/frontend +++ b/frontend @@ -1 +1 @@ -Subproject commit eaf807e507c8d35a009af27c594cc618681b0031 +Subproject commit d37eb34613191512f3ccf589419ecb829d3f526f diff --git a/helm/configs/frontend/development/config.json b/helm/configs/frontend/development/config.json index 50df4f3..ca46efe 100644 --- a/helm/configs/frontend/development/config.json +++ b/helm/configs/frontend/development/config.json @@ -1,6 +1,6 @@ { "lbBaseURL": "https://dacat-development.psi.ch", - "accessTokenPrefix": "", + "accessTokenPrefix": "Bearer ", "archiveWorkflowEnabled": true, "retrieveDestinations": [ { diff --git a/scicat-backend-next b/scicat-backend-next index ad763fc..4f167f7 160000 --- a/scicat-backend-next +++ b/scicat-backend-next @@ -1 +1 @@ -Subproject commit ad763fcb6437039be2521a04c9b993792e914c86 +Subproject commit 4f167f793e7a5d00f597ebb498f18b0feb448fee From 7eec09e6aa79984575bab23afa519ef99ff6b22f Mon Sep 17 00:00:00 2001 From: Spencer Bliven Date: Fri, 28 Jun 2024 15:23:01 +0200 Subject: [PATCH 2/2] Grant package write permissions for be-next workflow This attempts to fix an error in the build_deploy_scicat_backend_next job ``` #24 ERROR: denied: installation not allowed to Write organization package ------ > pushing ghcr.io/paulscherrerinstitute/scicat-ci/backend-next:sha-5f02b94cc8ee191467e760d98a50f3be8157be56 with docker: ------ ERROR: denied: installation not allowed to Write organization package ``` --- .github/workflows/scicat-be-next.yml | 3 +++ .github/workflows/scicat-fe.yml | 25 ++++++++++++++----------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/.github/workflows/scicat-be-next.yml b/.github/workflows/scicat-be-next.yml index 696d571..24f51d0 100644 --- a/.github/workflows/scicat-be-next.yml +++ b/.github/workflows/scicat-be-next.yml @@ -43,6 +43,9 @@ jobs: - check_changed - set_env uses: ./.github/workflows/reusable.build-deploy.yml + permissions: + contents: read + packages: write with: context: scicat-backend-next/. image_name: ${{ github.repository }}/backend-next diff --git a/.github/workflows/scicat-fe.yml b/.github/workflows/scicat-fe.yml index bbea19b..a45fff6 100644 --- a/.github/workflows/scicat-fe.yml +++ b/.github/workflows/scicat-fe.yml @@ -1,13 +1,13 @@ name: scicat-fe -on: - workflow_dispatch: +on: + workflow_dispatch: inputs: submodule_commit: - description: 'Commit of the submodule to deploy' + description: 'Commit of the submodule to deploy' required: false - commit: - description: 'Commit of the CI repo to deploy' + commit: + description: 'Commit of the CI repo to deploy' required: false pull_request: branches: [ main ] @@ -18,17 +18,17 @@ on: jobs: - set_env: + set_env: uses: ./.github/workflows/reusable.environment.yml - with: + with: commit: ${{ github.event.inputs.commit }} submodule_commit: ${{ github.event.inputs.submodule_commit }} check_changed: needs: set_env uses: ./.github/workflows/reusable.changes.yml - with: - files: | + with: + files: | .github/workflows/scicat-fe.yml helm/configs/frontend/values.yaml helm/configs/frontend/login.component.html @@ -40,11 +40,14 @@ jobs: build_deploy_scicat_fe: if: (needs.check_changed.outputs.changed == 'true' && !needs.set_env.outputs.component) || needs.set_env.outputs.component == 'fe' - needs: + needs: - check_changed - set_env uses: ./.github/workflows/reusable.build-deploy.yml - with: + permissions: + contents: read + packages: write + with: context: frontend/. image_name: ${{ github.repository }}/fe release_name: frontend