Skip to content

Recreate hotfix branch #134

Recreate hotfix branch

Recreate hotfix branch #134

name: Deploy on Merge to Hotfix
on:
push:
branches:
- hotfix
env:
TAG: sha-${{ github.sha }}
jobs:
build:
uses: ./.github/workflows/build.yaml
secrets:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
test-code:
uses: ./.github/workflows/test-code.yaml
secrets: inherit
test-containers:
needs: [build]
uses: ./.github/workflows/test-containers.yaml
secrets:
HAPPO_API_KEY: ${{ secrets.HAPPO_API_KEY }}
HAPPO_API_SECRET: ${{ secrets.HAPPO_API_SECRET }}
RENOVATE_GITHUB_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
RENOVATE_PRIVATE_KEY: ${{ secrets.RENOVATE_PRIVATE_KEY }}
deploy_hotfix:
needs: [build]
runs-on: ubuntu-latest
# if: startsWith(github.event.head_commit.message, 'Merge')
environment:
name: hotfix
url: 'https://ccbc-hotfix.apps.silver.devops.gov.bc.ca'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Deploy
uses: ./.github/actions/hotfix
with:
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
openshift_app_namespace: ${{ secrets.OPENSHIFT_APP_NAMESPACE }}
next_public_growthbook_api_key: ${{ secrets.NEXT_PUBLIC_GROWTHBOOK_API_KEY }}
tag: ${{ env.TAG }}
client_secret: ${{ secrets.CLIENT_SECRET }}
secure_route: ${{ secrets.OPENSHIFT_SECURE_ROUTE }}
aws_s3_bucket: ${{ secrets.AWS_S3_BUCKET }}
aws_s3_region: ${{ secrets.AWS_S3_REGION }}
aws_s3_key: ${{ secrets.AWS_S3_KEY }}
aws_s3_secret_key: ${{ secrets.AWS_S3_SECRET_KEY }}
aws_clam_s3_bucket: ${{ secrets.AWS_CLAM_S3_BUCKET }}
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
environment: hotfix
deploy_hotfix_prod:
needs: [deploy_hotfix]
runs-on: ubuntu-latest
if: startsWith(github.event.head_commit.message, 'Merge')
environment:
name: production
url: 'https://ccbc.apps.silver.devops.gov.bc.ca'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Deploy
uses: ./.github/actions/app
with:
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
openshift_app_namespace: ${{ secrets.OPENSHIFT_APP_NAMESPACE }}
openshift_metabase_prod_namespace: ${{ secrets.OPENSHIFT_METABASE_PROD_NAMESPACE }}
openshift_metabase_namespace: ${{ secrets.OPENSHIFT_METABASE_NAMESPACE }}
next_public_growthbook_api_key: ${{ secrets.NEXT_PUBLIC_GROWTHBOOK_API_KEY }}
tag: ${{ env.TAG }}
client_secret: ${{ secrets.CLIENT_SECRET }}
secure_route: ${{ secrets.OPENSHIFT_SECURE_ROUTE }}
aws_s3_bucket: ${{ secrets.AWS_S3_BUCKET }}
aws_s3_region: ${{ secrets.AWS_S3_REGION }}
aws_s3_key: ${{ secrets.AWS_S3_KEY }}
aws_s3_secret_key: ${{ secrets.AWS_S3_SECRET_KEY }}
aws_clam_s3_bucket: ${{ secrets.AWS_CLAM_S3_BUCKET }}
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
certbot_email: ${{ secrets.CERTBOT_EMAIL }}
certbot_server: ${{ secrets.CERTBOT_SERVER }}
metabase_site_url: ${{ secrets.METABASE_SITE_URL }}
metabase_embed_secret: ${{ secrets.METABASE_EMBED_SECRET }}
cert: ${{ secrets.CERT }}
cert_key: ${{ secrets.CERT_KEY }}
cert_ca: ${{ secrets.CERT_CA }}
sp_sa_user: ${{ secrets.SP_SA_USER }}
sp_sa_password: ${{ secrets.SP_SA_PASSWORD }}
sp_doc_library: ${{ secrets.SP_DOC_LIBRARY }}
sp_site: ${{ secrets.SP_SITE }}
sp_ms_file_name: ${{ secrets.SP_MS_FILE_NAME }}
keycloak_host: ${{ secrets.KEYCLOAK_HOST }}
sa_client_secret: ${{ secrets.SA_CLIENT_SECRET }}
sa_client_id: ${{ secrets.SA_CLIENT_ID }}
sp_list_name: ${{ secrets.SP_LIST_NAME }}
ches_url: ${{ secrets.CHES_API_URL }}
ches_client: ${{ secrets.CHES_CLIENT }}
ches_client_secret: ${{ secrets.CHES_CLIENT_SECRET }}
ches_to: ${{ secrets.CHES_TO_EMAIL }}
ches_keycloak_host: ${{ secrets.CHES_KEYCLOAK_HOST }}
pgbackrest_s3_bucket: ${{ secrets.AWS_S3_BACKUPS_BUCKET }}
environment: prod