From 9afe41e996cafd39b80ae8d837961a0388ee6159 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 00:01:57 +0530 Subject: [PATCH 01/21] updated build-and-push for auto deploy --- examples/workflows/build-and-push.yaml | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 6543afb..2f4b15e 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -1,3 +1,4 @@ +# .github/workflows/build-push.yml name: Build and Push Docker Image on: @@ -7,6 +8,7 @@ on: - dev release: types: [published] + env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} @@ -14,12 +16,11 @@ env: jobs: build-and-push: runs-on: ubuntu-latest - # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: contents: read packages: write + actions: write steps: - - name: Checkout code uses: actions/checkout@v2 
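Review bot: The `actions: write` entry added to the job's `permissions:` block in the third hunk looks broader than this job needs. The dispatch step added later in this patch authenticates with `secrets.PAT`, and none of the steps visible here call the Actions API with `GITHUB_TOKEN`. Unless a step outside these hunks depends on it, leave the block at `contents: read` and `packages: write`. The same line is removed in PATCH 04 and re-added in PATCH 05, so the point applies there too.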
@@ -39,19 +40,26 @@ jobs: with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | - # minimal type=pep440,pattern={{version}},value=${{ github.ref_name }},enable=${{ github.event_name == 'release' }} - # branch event type=ref,event=branch type=raw,value=latest,enable=${{ github.event_name == 'release' }} - name: Build and Push Docker image uses: docker/build-push-action@v4 with: - # build-args: context: . push: true cache-from: type=gha cache-to: type=gha,mode=max tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file + labels: ${{ steps.meta.outputs.labels }} + + + - name: Trigger deployment workflow + if: ${{ success() && github.ref == 'refs/heads/dev' }} + run: | + curl -X POST \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token ${{ secrets.PAT }}" \ + https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches \ + -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}' From 6d88ac562d4c8cc37b9fa57586509a9241f3eb22 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 00:06:13 +0530 Subject: [PATCH 02/21] updated deploy.yaml for repository dispatc --- .github/workflows/deploy.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 613775b..91550ef 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml 
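Review bot: The `curl` call in the new `Trigger deployment workflow` step has no `--fail`, so a 401 or 404 from the dispatches endpoint (expired PAT, wrong repository name) still exits 0 and the step is reported green while nothing was dispatched. Start the command with `curl --fail-with-body -sS -X POST \`, which is what the webhook call in `deploy.yaml` already uses. `${{ secrets.PAT }}` is also expanded into the script text. Passing it through the step's `env:` (for example `DISPATCH_TOKEN: ${{ secrets.PAT }}`) and writing `-H "Authorization: token $DISPATCH_TOKEN"` keeps the token out of the generated script file.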
@@ -10,16 +10,19 @@ on: services: description: 'Services to deploy (space seperated)' required: true + repository_dispatch: + types: + - deploy-trigger jobs: deployment: runs-on: ubuntu-latest - name: Deploy ${{inputs.services}} in ${{inputs.environment}} + name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || github.event.client_payload.environment}} steps: - name: Uppercase environment run: | - echo "ENV=`echo ${{inputs.environment}} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} + echo "ENV=`echo ${{ inputs.environment || github.event.client_payload.environment }} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} - name: Set Default Values to Repository Variable run: | @@ -39,15 +42,14 @@ jobs: echo "::error::Secret '${{ format('{0}_WEBHOOK_URL',env.ENV) }}' is not set" exit 1 fi - if [ -z "${{ github.event.inputs.services }}" ]; then - echo "::error::'${{ github.event.inputs.services }}' is empty" + if [ -z "${{ github.event.inputs.services || github.event.client_payload.services }}" ]; then + echo "::error::'${{ github.event.inputs.services || github.event.client_payload.services }}' is empty" exit 1 fi - encoded_services=$(python3 -c "from urllib.parse import quote; print(quote('${{ github.event.inputs.services }}'))") + encoded_services=$(python3 -c "from urllib.parse import quote; print(quote('${{ github.event.inputs.services || github.event.client_payload.services}}'))") curl -X POST \ --fail-with-body -sS --no-buffer\ -H "Content-Type: application/json" \ -d '{"secret_token": "${{ secrets[format('{0}_WEBHOOK_PASSWORD',env.ENV)] }}", "ENABLE_FORCE_RECREATE":${{ env.ENABLE_FORCE_RECREATE }}, "DISABLE_REMOVE_ORPHANS":${{ env.DISABLE_REMOVE_ORPHANS }}, "DISABLE_ANSI":${{ env.DISABLE_ANSI }} ,"ENABLE_GIT_PULL":${{ env.ENABLE_GIT_PULL }}}' \ "${{ secrets[format('{0}_WEBHOOK_URL',env.ENV)] }}/hooks/deploy?services=$encoded_services" - From 59c9c5e7b5e3ce5acbafaafba232b5e0aebbe09d Mon Sep 17 00:00:00 2001 
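Review bot: `github.event.client_payload.environment` and `github.event.client_payload.services` are expanded by `${{ }}` directly into the `run:` scripts: the backtick `echo` in `Uppercase environment`, and the `-z` test, the `::error::` message and the `python3 -c` string literal in the second hunk. Whoever can send a `deploy-trigger` dispatch therefore supplies shell and Python source text in a job that reads the webhook secrets. Pass both values through `env:` and reference them as quoted shell variables, and hand the service list to Python as an argument instead of pasting it into the program. Because `ENV` selects which `*_WEBHOOK_URL` secret is used, the environment should also be checked against the known environment names before it is written to `GITHUB_ENV`. The webhook step starts above the second hunk, so its name and first lines are not visible here.

```yaml
      - name: Uppercase environment
        env:
          TARGET_ENV: ${{ inputs.environment || github.event.client_payload.environment }}
        run: |
          echo "ENV=$(printf '%s' "$TARGET_ENV" | tr '[:lower:]' '[:upper:]')" >> "${GITHUB_ENV}"

      # … unchanged: "Set Default Values to Repository Variable" step …

      # webhook step: add this env entry, then use "$SERVICES" in the script
        env:
          SERVICES: ${{ github.event.inputs.services || github.event.client_payload.services }}
        run: |
          # … unchanged: webhook secret checks …
          if [ -z "$SERVICES" ]; then
            echo "::error::services is empty"
            exit 1
          fi
          encoded_services=$(python3 -c 'import sys; from urllib.parse import quote; print(quote(sys.argv[1]))' "$SERVICES")
          # … unchanged: curl call to the deploy webhook …
```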
From: Srijan-SS02 Date: Wed, 10 Jul 2024 01:29:03 +0530 Subject: [PATCH 03/21] updated documentation --- docs/onboarding.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index 6dec74c..58ab75f 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md @@ -26,7 +26,16 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a > [!IMPORTANT] > In case you see 403 error, checkout [this](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#github-actions-access-for-packages-scoped-to-organizations) - +### To Auto Deploy Service +- [Allow access via fine-grained personal access tokens in Organisation](https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) +- [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) +- Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) +- Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` +- Change the repo name if not devops in the step:Trigger deployment workflow
+ `https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches` +- Replace YOUR_SERVICE_NAME with actuall service in
`"client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}'` + +- Push from the `dev` branch only to auto deploy Reference: - For further clarification and detailed instructions, you can refer to the [GitHub documentation](https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages). From 494648bf9c50d5aae194f9491af04ece0323fa5d Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 10:24:13 +0530 Subject: [PATCH 04/21] resotred comments --- examples/workflows/build-and-push.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 2f4b15e..26ee118 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -1,4 +1,3 @@ -# .github/workflows/build-push.yml name: Build and Push Docker Image on: @@ -8,7 +7,6 @@ on: - dev release: types: [published] - env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} @@ -16,11 +14,12 @@ env: jobs: build-and-push: runs-on: ubuntu-latest + # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: contents: read packages: write - actions: write steps: + - name: Checkout code uses: actions/checkout@v2 @@ -40,13 +39,16 @@ jobs: with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | + # minimal type=pep440,pattern={{version}},value=${{ github.ref_name }},enable=${{ github.event_name == 'release' }} + # branch event type=ref,event=branch type=raw,value=latest,enable=${{ github.event_name == 'release' }} - name: Build and Push Docker image uses: docker/build-push-action@v4 with: + # build-args: context: . push: true cache-from: type=gha @@ -54,7 +56,6 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - name: Trigger deployment workflow if: ${{ success() && github.ref == 'refs/heads/dev' }} run: | 
@@ -62,4 +63,4 @@ jobs: -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches \ - -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}' + -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}' \ No newline at end of file From e5192f1304868d7d38832c3da47569474297b1aa Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 11:28:00 +0530 Subject: [PATCH 05/21] updated for adding repository variables --- docs/onboarding.md | 2 +- examples/workflows/build-and-push.yaml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index 58ab75f..57b1944 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md @@ -33,7 +33,7 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a - Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` - Change the repo name if not devops in the step:Trigger deployment workflow
`https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches` -- Replace YOUR_SERVICE_NAME with actuall service in
`"client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}'` +- Create a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository), with `NAME` as `SERIVCE` and `value` as `repository_name(in snake case)` - Push from the `dev` branch only to auto deploy diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 26ee118..23928cb 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -18,6 +18,7 @@ jobs: permissions: contents: read packages: write + actions: write steps: - name: Checkout code @@ -63,4 +64,4 @@ jobs: -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches \ - -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"YOUR_SERVICE_NAME"}}' \ No newline at end of file + -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE }}"}}' \ No newline at end of file From 430e629e18732148ed98948a1a980f0b501a1577 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 11:47:19 +0530 Subject: [PATCH 06/21] updated workflow for repo name --- examples/workflows/build-and-push.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 23928cb..144bedc 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -10,6 +10,7 @@ on: env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} + DEPLOY_REPO: devops jobs: build-and-push: 
@@ -63,5 +64,5 @@ jobs: curl -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ - https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches \ + https://api.github.com/repos/${{ github.repository_owner }}/${{ env.DEPLOY_REPO }}/dispatches \ -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE }}"}}' \ No newline at end of file From d65b1894f4a5d8076e93c2b17f9673b5ee6fb0b3 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 12:07:04 +0530 Subject: [PATCH 07/21] updated workflow for repository varibale and updated docs --- docs/onboarding.md | 5 ++--- examples/workflows/build-and-push.yaml | 3 +-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index 57b1944..674c527 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md @@ -31,9 +31,8 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a - [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) - Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) - Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` -- Change the repo name if not devops in the step:Trigger deployment workflow
- `https://api.github.com/repos/${{ github.repository_owner }}/devops/dispatches` -- Create a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository), with `NAME` as `SERIVCE` and `value` as `repository_name(in snake case)` +- If deployment repository name is not `devops` set a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEPLOY_REPO` and value as repository_name +- Create a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository), with `NAME` as `SERIVCE` and `value` as `repository_name`(snake_case) - Push from the `dev` branch only to auto deploy diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 144bedc..e24329f 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -10,7 +10,6 @@ on: env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} - DEPLOY_REPO: devops jobs: build-and-push: @@ -64,5 +63,5 @@ jobs: curl -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ - https://api.github.com/repos/${{ github.repository_owner }}/${{ env.DEPLOY_REPO }}/dispatches \ + https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEPLOY_REPO || 'devops' }}/dispatches \ -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE }}"}}' \ No newline at end of file From e88d7e553504c66f4ad870c8cf6499b79d03bc16 Mon Sep 17 00:00:00 2001 From: Karun Agarwal <113603846+singhalkarun@users.noreply.github.com> Date: Wed, 10 Jul 2024 12:18:24 +0530 Subject: [PATCH 08/21] cosmetic changes --- docs/onboarding.md | 2 +- examples/workflows/build-and-push.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/docs/onboarding.md b/docs/onboarding.md index 674c527..b411878 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md @@ -31,7 +31,7 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a - [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) - Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) - Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` -- If deployment repository name is not `devops` set a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEPLOY_REPO` and value as repository_name +- If devops repository name is not `devops` set, the [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEVOPS_REPO_NAME` and value as the name of devops repository - Create a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository), with `NAME` as `SERIVCE` and `value` as `repository_name`(snake_case) - Push from the `dev` branch only to auto deploy diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index e24329f..d9df0f1 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
@@ -63,5 +63,5 @@ jobs: curl -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ - https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEPLOY_REPO || 'devops' }}/dispatches \ + https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEVOPS_REPO_NAME || 'devops' }}/dispatches \ -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE }}"}}' \ No newline at end of file From 5ee0c244c5457d2e0b1856e2ba20d73b650ae27f Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 14:27:16 +0530 Subject: [PATCH 09/21] updated for static dev --- .github/workflows/deploy.yaml | 4 ++-- examples/workflows/build-and-push.yaml | 8 +++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 91550ef..72f4ad0 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -17,12 +17,12 @@ on: jobs: deployment: runs-on: ubuntu-latest - name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || github.event.client_payload.environment}} + name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || 'dev' }} steps: - name: Uppercase environment run: | - echo "ENV=`echo ${{ inputs.environment || github.event.client_payload.environment }} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} + echo "ENV=`echo ${{ inputs.environment || 'dev' }} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} - name: Set Default Values to Repository Variable run: | diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index d9df0f1..c9eed57 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
@@ -56,6 +56,12 @@ jobs: cache-to: type=gha,mode=max tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + + - name: Convert repository name to snake case + run: | + REPO_NAME=$(echo "${GITHUB_REPOSITORY}" | awk -F/ '{print $2}') + SNAKE_CASE_REPO_NAME=$(echo "${REPO_NAME}" | sed 's/\(.\)\([A-Z]\)/\1_\2/g' | tr '[:upper:]' '[:lower:]' | sed 's/^_//' | tr -s '_' | tr '[:upper:]' '[:lower:]') + echo "SERVICE=${SNAKE_CASE_REPO_NAME}" >> $GITHUB_ENV - name: Trigger deployment workflow if: ${{ success() && github.ref == 'refs/heads/dev' }} @@ -64,4 +70,4 @@ jobs: -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEVOPS_REPO_NAME || 'devops' }}/dispatches \ - -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE }}"}}' \ No newline at end of file + -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE || env.SERVICE }}"}}' \ No newline at end of file From ddb55ba9773e3747d803f1bb1d5cd98b78822f18 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 14:42:27 +0530 Subject: [PATCH 10/21] updated docs --- docs/onboarding.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index b411878..b5c221e 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
@@ -32,8 +32,7 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a - Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) - Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` - If devops repository name is not `devops` set, the [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEVOPS_REPO_NAME` and value as the name of devops repository -- Create a [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository), with `NAME` as `SERIVCE` and `value` as `repository_name`(snake_case) - +- If your repo name converted snake_case(repo_name) is not same as service, then set the [Repositor Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `SERVICE` and value as the name of service in snake_case - Push from the `dev` branch only to auto deploy Reference: From 5107c7139df79ed35ef1781b06193bdb2907dddf Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Wed, 10 Jul 2024 14:44:44 +0530 Subject: [PATCH 11/21] updated client payload --- examples/workflows/build-and-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index c9eed57..abb4387 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
@@ -70,4 +70,4 @@ jobs: -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEVOPS_REPO_NAME || 'devops' }}/dispatches \ - -d '{"event_type":"deploy-trigger","client_payload":{"environment":"dev","services":"${{ vars.SERVICE || env.SERVICE }}"}}' \ No newline at end of file + -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ vars.SERVICE || env.SERVICE }}"}}' \ No newline at end of file From d8b38884e36946bfd23be97bfbe529976eafd13c Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Fri, 12 Jul 2024 08:15:34 +0530 Subject: [PATCH 12/21] updated the docs --- docs/onboarding.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index b5c221e..3b5c5e6 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
@@ -32,7 +32,7 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a - Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) - Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` - If devops repository name is not `devops` set, the [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEVOPS_REPO_NAME` and value as the name of devops repository -- If your repo name converted snake_case(repo_name) is not same as service, then set the [Repositor Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `SERVICE` and value as the name of service in snake_case +- If your repository name in snake_case differs from the service name, set the [Repositor Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `SERVICE` and value as the name of service name in snake_case - Push from the `dev` branch only to auto deploy Reference: From 686e48fe23bcebb636e09011c5e3d20f605d3677 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Fri, 26 Jul 2024 11:13:58 +0530 Subject: [PATCH 13/21] updated workflows for auto deployment --- .github/workflows/deploy.yaml | 47 ++++++++++++++++++++++++-- examples/workflows/build-and-push.yaml | 4 +-- 2 files changed, 46 insertions(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 72f4ad0..f4d4481 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml 
@@ -15,18 +15,59 @@ on: - deploy-trigger jobs: + compare_environments: + runs-on: ubuntu-latest + outputs: + common_environments: ${{ steps.compare_environments.outputs.common_environments }} + steps: + - name: Compare environment + id: compare_environments + run: | + # Fetch inputs and secrets + CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}' + + # Write the secret to a temporary file + echo '${{ secrets.ALLOW_EXTERNAL_TRIGGER }}' > allow_external_trigger.json + + + ALLOW_EXTERNAL_TRIGGER=$(cat allow_external_trigger.json) + + echo "ALLOW_EXTERNAL_TRIGGER: $ALLOW_EXTERNAL_TRIGGER" + + # Find common values using jq + COMMON_ENVIRONMENTS=$(jq -n --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$ALLOW_EXTERNAL_TRIGGER" \ + '[ $client[] | select($allow[] == .) ]' | jq -c '.') + + # Setting to dev if no common environment found + if [ "$COMMON_ENVIRONMENTS" == "" ]; then + COMMON_ENVIRONMENTS='["dev"]' + fi + + echo "COMMON_ENVIRONMENTS: $COMMON_ENVIRONMENTS" + + # Export environment variable and write to file + echo "common_environments=$COMMON_ENVIRONMENTS" >> $GITHUB_OUTPUT + deployment: runs-on: ubuntu-latest - name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || 'dev' }} + needs: compare_environments + strategy: + matrix: + env: ${{ fromJson(needs.compare_environments.outputs.common_environments) }} + name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || matrix.env }} steps: - name: Uppercase environment run: | - echo "ENV=`echo ${{ inputs.environment || 'dev' }} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} + echo "ENV=`echo ${{ inputs.environment || matrix.env }} | tr '[:lower:]' '[:upper:]'`" >>${GITHUB_ENV} - name: Set Default Values to Repository Variable run: | - echo "ENABLE_FORCE_RECREATE=${{ vars.ENABLE_FORCE_RECREATE || 1 }}" >> ${GITHUB_ENV} + if [ "${{ github.event_name }}" == "repository_dispatch" ]; 
then + echo "ENABLE_FORCE_RECREATE=0" >> ${GITHUB_ENV} + else + echo "ENABLE_FORCE_RECREATE=${{ vars.ENABLE_FORCE_RECREATE || 1 }}" >> ${GITHUB_ENV} + fi echo "DISABLE_REMOVE_ORPHANS=${{ vars.DISABLE_REMOVE_ORPHANS || 0 }}" >> ${GITHUB_ENV} echo "DISABLE_ANSI=${{ vars.DISABLE_ANSI || 1 }}" >> ${GITHUB_ENV} echo "ENABLE_GIT_PULL=${{ vars.ENABLE_GIT_PULL || 1 }}" >> ${GITHUB_ENV} diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index abb4387..df8a59c 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml @@ -64,10 +64,10 @@ jobs: echo "SERVICE=${SNAKE_CASE_REPO_NAME}" >> $GITHUB_ENV - name: Trigger deployment workflow - if: ${{ success() && github.ref == 'refs/heads/dev' }} + if: ${{ success() }} run: | curl -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.PAT }}" \ https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEVOPS_REPO_NAME || 'devops' }}/dispatches \ - -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ vars.SERVICE || env.SERVICE }}"}}' \ No newline at end of file + -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ vars.SERVICE || env.SERVICE }}", "environment":${{ secrets.ENABLE_AUTO_DEPLOY }}}}' \ No newline at end of file From e428af864bf2ba0f8e49a0db177bc5c8cc3ecd61 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Fri, 26 Jul 2024 11:15:27 +0530 Subject: [PATCH 14/21] updating comments --- .github/workflows/deploy.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index f4d4481..774271f 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -23,7 +23,6 @@ jobs: - name: Compare environment id: compare_environments run: | - # Fetch inputs and secrets CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}' # Write the secret to a temporary file 
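Review bot: The allowlist check in `Compare environment` fails open: whenever `COMMON_ENVIRONMENTS` comes back empty, the script substitutes `["dev"]`. That is the likely outcome if `jq` errors out, for instance when `ALLOW_EXTERNAL_TRIGGER` is unset or the payload's `environment` is not an array (inferred from how `--argjson` and `$client[]` behave, not tested here). A `repository_dispatch` that names no permitted environment should stop the run instead, e.g. `if [ "${{ github.event_name }}" = "repository_dispatch" ] && { [ -z "$COMMON_ENVIRONMENTS" ] || [ "$COMMON_ENVIRONMENTS" = "[]" ]; }; then echo "::error::no permitted environment requested"; exit 1; fi`, with the `dev` default kept only for manual runs. `CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}'` also places payload text inside a single-quoted shell string, so it should be passed through `env:` like any other event field. The `echo "ALLOW_EXTERNAL_TRIGGER: ..."` line and the temporary file add nothing the `jq` call needs and can be dropped.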
From 7304d103566baad862e3071fec449d83e41c6af7 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Fri, 26 Jul 2024 12:03:36 +0530 Subject: [PATCH 15/21] updated docs --- docs/onboarding.md | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index a7d90cf..7279b5c 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
@@ -26,14 +26,6 @@ Example: [/examples/workflows/build-and-push.yaml](../examples/workflows/build-a > [!IMPORTANT] > In case you see 403 error, checkout [this](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#github-actions-access-for-packages-scoped-to-organizations) -### To Auto Deploy Service -- [Allow access via fine-grained personal access tokens in Organisation](https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) -- [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) -- Generate a PAT (Personal Access Token) with appropriate scopes to initiate actions, [check permissions here](https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#create-a-repository-dispatch-event) -- Store the PAT as [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) in repository setting, set name field as `PAT` -- If devops repository name is not `devops` set, the [Repository Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `DEVOPS_REPO_NAME` and value as the name of devops repository -- If your repository name in snake_case differs from the service name, set the [Repositor Variable](https://docs.github.com/en/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository) named `SERVICE` and value as the name of service name in snake_case -- Push from the `dev` branch only to auto deploy Reference: - For 
further clarification and detailed instructions, you can refer to the [GitHub documentation](https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages). @@ -41,6 +33,15 @@ Reference: ### 3. Add a workflow to test your image Example: [/examples/workflows/docker-test.yaml](../examples/workflows/docker-test.yaml) +### 4. To Auto Deploy Service +- [Allow access via fine-grained personal access tokens in the organization](https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) +- [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) +- Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) +- Store the PAT as repository secret, set name field as `PAT` +- If devops repository name is not `devops` set, the Repository Variable named `DEVOPS_REPO_NAME` and value as the name of devops repository +- If your repository name in snake_case differs from the service name, set the Repositor Variable named `SERVICE` and value as the name of service name in snake_case +- Create a repository secret `ENABLE_AUTO_DEPLOY` and set value for auto deployment to run for all environment given here , eg:`["main", "dev"]` +- In your devops repository create a secret named `ALLOW_EXTERNAL_TRIGGER` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` ## Adding your service From 059648a2d96b12bc895dd196064f5d083bb2a95d Mon Sep 17 00:00:00 2001 
From: Srijan-SS02 Date: Thu, 26 Sep 2024 23:53:56 +0530 Subject: [PATCH 16/21] updated deploy.yaml --- .github/workflows/deploy.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 774271f..60cbec0 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -15,13 +15,13 @@ on: - deploy-trigger jobs: - compare_environments: + validate_environments: runs-on: ubuntu-latest outputs: - common_environments: ${{ steps.compare_environments.outputs.common_environments }} + validate_environments: ${{ steps.validate_environments.outputs.validate_environments }} steps: - - name: Compare environment - id: compare_environments + - name: Validate environment + id: validate_environments run: | CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}' @@ -49,10 +49,10 @@ jobs: deployment: runs-on: ubuntu-latest - needs: compare_environments + needs: validate_environments strategy: matrix: - env: ${{ fromJson(needs.compare_environments.outputs.common_environments) }} + env: ${{ fromJson(needs.validate_environments.outputs.common_environments) }} name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || matrix.env }} steps: From a215fe4a8d49148f1a329dbf766c95e5cdaeb329 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Fri, 27 Sep 2024 01:44:59 +0530 Subject: [PATCH 17/21] updated build and push --- examples/workflows/build-and-push.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index df8a59c..8108146 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
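Review bot: After the rename, the job output is declared as `validate_environments` and reads `steps.validate_environments.outputs.validate_environments`, but the matrix in the second hunk still reads `needs.validate_environments.outputs.common_environments`. The job no longer exposes that key, so `fromJson` would receive an empty string. The step's `echo "common_environments=..." >> $GITHUB_OUTPUT` line lies outside both hunks and appears unchanged from PATCH 13, which means the new step-output name is never written either. Keeping the old key name fixes both ends: `common_environments: ${{ steps.validate_environments.outputs.common_environments }}`.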
@@ -69,5 +69,5 @@ jobs:
 curl -X POST \
 -H "Accept: application/vnd.github.v3+json" \
 -H "Authorization: token ${{ secrets.PAT }}" \
- https://api.github.com/repos/${{ github.repository_owner }}/${{ vars.DEVOPS_REPO_NAME || 'devops' }}/dispatches \
- -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ vars.SERVICE || env.SERVICE }}", "environment":${{ secrets.ENABLE_AUTO_DEPLOY }}}}'
\ No newline at end of file
+ https://api.github.com/repos/${{ github.repository_owner }}/${{ secrets.DEVOPS_REPO_NAME || 'devops' }}/dispatches \
+ -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ secrets.SERVICE || env.SERVICE }}", "environment":${{ secrets.ENABLE_AUTO_DEPLOY }}}}'
From 7a6c5751ad50f15050986f06f612c2fbdc05542f Mon Sep 17 00:00:00 2001
From: Srijan-SS02
Date: Fri, 27 Sep 2024 09:51:54 +0530
Subject: [PATCH 18/21] updated doc
---
 docs/onboarding.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/onboarding.md b/docs/onboarding.md
index 7279b5c..aecbf23 100644
--- a/docs/onboarding.md
+++ b/docs/onboarding.md
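Review bot: The two added lines paste `${{ secrets.DEVOPS_REPO_NAME }}`, `${{ secrets.SERVICE }}` and `${{ secrets.ENABLE_AUTO_DEPLOY }}` directly into the `run:` script, so the values are substituted before the shell parses the command; a value containing a single quote or other shell syntax alters the command rather than the JSON body, and `${{ secrets.PAT }}` in the context line above is handled the same way. Pass them through the step's `env:` and build the body with `jq`, which also rejects a malformed `ENABLE_AUTO_DEPLOY` before the request is sent. `curl` is called without `--fail`, so a 401 or 404 from the dispatch endpoint leaves the step green. The step's `name`, `if` and `run:` lines sit above this hunk, so the sketch below assumes the layout from the first patch in the series; the later hunks that only rename these secrets keep the same pattern.

```yaml
      # … unchanged: step name and `if:` condition …
        env:
          PAT: ${{ secrets.PAT }}
          DEVOPS_REPO: ${{ secrets.DEVOPS_REPO_NAME || 'devops' }}
          SERVICE_NAME: ${{ secrets.SERVICE || env.SERVICE }}
          ENVIRONMENTS: ${{ secrets.ENABLE_AUTO_DEPLOY }}
        run: |
          # jq escapes SERVICE_NAME and fails if ENVIRONMENTS is not valid JSON
          body=$(jq -cn --arg services "$SERVICE_NAME" --argjson environment "$ENVIRONMENTS" \
            '{event_type: "deploy-trigger", client_payload: {services: $services, environment: $environment}}')
          # --fail turns an HTTP error from the dispatch endpoint into a failed step
          curl --fail -X POST \
            -H "Accept: application/vnd.github.v3+json" \
            -H "Authorization: token $PAT" \
            "https://api.github.com/repos/${GITHUB_REPOSITORY_OWNER}/${DEVOPS_REPO}/dispatches" \
            -d "$body"
```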
@@ -34,12 +34,12 @@ Reference: Example: [/examples/workflows/docker-test.yaml](../examples/workflows/docker-test.yaml) ### 4. To Auto Deploy Service -- [Allow access via fine-grained personal access tokens in the organization](https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) -- [Configure actions to be triggered from another repository within the same organization](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) +- Allow [access via fine-grained] personal access tokens in the organization(https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) +- [Configure actions] to be triggered from another repository within the same organization(https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) - Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) - Store the PAT as repository secret, set name field as `PAT` -- If devops repository name is not `devops` set, the Repository Variable named `DEVOPS_REPO_NAME` and value as the name of devops repository -- If your repository name in snake_case differs from the service name, set the Repositor Variable named `SERVICE` and value as the name of service name in snake_case +- If devops repository name is not `devops` set, the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of 
devops repository +- If your repository name in snake_case differs from the service name, set the Repositor Secret named `SERVICE` and value as the name of service name in snake_case - Create a repository secret `ENABLE_AUTO_DEPLOY` and set value for auto deployment to run for all environment given here , eg:`["main", "dev"]` - In your devops repository create a secret named `ALLOW_EXTERNAL_TRIGGER` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` From 01727b7ea13d1471391b40f07972e57edbf68be6 Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Mon, 30 Sep 2024 13:25:20 +0530 Subject: [PATCH 19/21] updated docs --- docs/onboarding.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/docs/onboarding.md b/docs/onboarding.md index aecbf23..fdda4cc 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
@@ -34,14 +34,20 @@ Reference: Example: [/examples/workflows/docker-test.yaml](../examples/workflows/docker-test.yaml) ### 4. To Auto Deploy Service -- Allow [access via fine-grained] personal access tokens in the organization(https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) -- [Configure actions] to be triggered from another repository within the same organization(https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) -- Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) -- Store the PAT as repository secret, set name field as `PAT` -- If devops repository name is not `devops` set, the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of devops repository -- If your repository name in snake_case differs from the service name, set the Repositor Secret named `SERVICE` and value as the name of service name in snake_case -- Create a repository secret `ENABLE_AUTO_DEPLOY` and set value for auto deployment to run for all environment given here , eg:`["main", "dev"]` -- In your devops repository create a secret named `ALLOW_EXTERNAL_TRIGGER` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` + + #### Assumptions made: + SERVICE_REPO: Repository from which the service is deployed. + DEVOPS_REPO: Repository where deployment is triggered. 
+ #### In SERVICE_REPO + - Allow [access via fine-grained](https://docs.github.com/en/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#restricting-access-by-fine-grained-personal-access-tokens) personal access tokens in the organization + - [Configure actions](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) to be triggered from another repository within the same organization + - Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) + - Store the PAT as repository secret, set name field as `PAT` + - If devops repository name is not `devops` set, the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of devops repository + - If your repository name in snake_case differs from the service name, set the Repositor Secret named `SERVICE` and value as the name of service name in snake_case + - Create a repository secret `ENABLE_AUTO_DEPLOY` and set value for auto deployment to run for all environment given here , eg:`["dev", "stage"]` + #### In DEVOPS_REPO + - Create a secret named `ALLOW_EXTERNAL_TRIGGER` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` ## Adding your service From 1ef43dcaf40e8441b78ebcabb9bed1071ddcb93c Mon Sep 17 00:00:00 2001 From: Srijan-SS02 Date: Thu, 3 Oct 2024 14:09:46 +0530 Subject: [PATCH 20/21] updated docs and worklow --- .github/workflows/deploy.yaml | 18 +++++++++--------- docs/onboarding.md | 6 +++--- examples/workflows/build-and-push.yaml | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 60cbec0..7c4b9a3 100644 --- a/.github/workflows/deploy.yaml 
+++ b/.github/workflows/deploy.yaml @@ -26,33 +26,33 @@ jobs: CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}' # Write the secret to a temporary file - echo '${{ secrets.ALLOW_EXTERNAL_TRIGGER }}' > allow_external_trigger.json + echo '${{ secrets.PERMITTED_EXTERNAL_ENVIRONMENTS }}' > permitted_external_environments.json - ALLOW_EXTERNAL_TRIGGER=$(cat allow_external_trigger.json) + PERMITTED_EXTERNAL_ENVIRONMENTS=$(cat permitted_external_environments.json) - echo "ALLOW_EXTERNAL_TRIGGER: $ALLOW_EXTERNAL_TRIGGER" + echo "PERMITTED_EXTERNAL_ENVIRONMENTS: $PERMITTED_EXTERNAL_ENVIRONMENTS" # Find common values using jq - COMMON_ENVIRONMENTS=$(jq -n --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$ALLOW_EXTERNAL_TRIGGER" \ + VALIDATED_ENVIRONMENTS=$(jq -n --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$PERMITTED_EXTERNAL_ENVIRONMENTS" \ '[ $client[] | select($allow[] == .) ]' | jq -c '.') # Setting to dev if no common environment found - if [ "$COMMON_ENVIRONMENTS" == "" ]; then - COMMON_ENVIRONMENTS='["dev"]' + if [ "$VALIDATED_ENVIRONMENTS" == "" ]; then + VALIDATED_ENVIRONMENTS='["dev"]' fi - echo "COMMON_ENVIRONMENTS: $COMMON_ENVIRONMENTS" + echo "VALIDATED_ENVIRONMENTS: $VALIDATED_ENVIRONMENTS" # Export environment variable and write to file - echo "common_environments=$COMMON_ENVIRONMENTS" >> $GITHUB_OUTPUT + echo "validated_environments=$VALIDATED_ENVIRONMENTS" >> $GITHUB_OUTPUT deployment: runs-on: ubuntu-latest needs: validate_environments strategy: matrix: - env: ${{ fromJson(needs.validate_environments.outputs.common_environments) }} + env: ${{ fromJson(needs.validate_environments.outputs.validated_environments) }} name: Deploy ${{ inputs.services || github.event.client_payload.services }} in ${{inputs.environment || matrix.env }} steps: diff --git a/docs/onboarding.md b/docs/onboarding.md index fdda4cc..4608300 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
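Review bot: The fallback kept here, `if [ "$VALIDATED_ENVIRONMENTS" == "" ]; then VALIDATED_ENVIRONMENTS='["dev"]'`, makes the allowlist fail open: `jq -c` prints `[]` for an empty intersection, so the variable is only empty when `jq` itself failed (unset or malformed secret, unexpected payload), and in that case `dev` is deployed anyway. The context line `CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}'` also expands caller-supplied dispatch data into the script text, and the secret is echoed to the log and written to a file in the workspace. Passing both values through `env:` and stopping on a failed or empty validation addresses all three; the fallback presumably serves manual runs that use `inputs.environment`, so the sketch keeps it for that case only — confirm against the `on:` block, which is outside this hunk. The rename-only hunk for the same step in the following patch carries the same pattern.

```yaml
      # … unchanged: step name and id …
        env:
          EVENT_NAME: ${{ github.event_name }}
          CLIENT_PAYLOAD_ENVIRONMENT: ${{ toJson(github.event.client_payload.environment) }}
          PERMITTED_EXTERNAL_ENVIRONMENTS: ${{ secrets.PERMITTED_EXTERNAL_ENVIRONMENTS }}
        run: |
          set -euo pipefail
          if [ "$EVENT_NAME" != "repository_dispatch" ]; then
            # Manual run: environment comes from inputs; the matrix only needs one entry
            VALIDATED_ENVIRONMENTS='["dev"]'
          else
            # Intersect requested environments with the allowlist; jq errors stop the job
            VALIDATED_ENVIRONMENTS=$(jq -cn --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$PERMITTED_EXTERNAL_ENVIRONMENTS" \
              '[ $client[] | select($allow[] == .) ]')
            # Fail closed: no permitted environment means no deployment
            if [ "$VALIDATED_ENVIRONMENTS" = "[]" ]; then
              echo "No requested environment is permitted for external triggers" >&2
              exit 1
            fi
          fi
          echo "validated_environments=$VALIDATED_ENVIRONMENTS" >> "$GITHUB_OUTPUT"
```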
@@ -43,11 +43,11 @@ Example: [/examples/workflows/docker-test.yaml](../examples/workflows/docker-te - [Configure actions](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository) to be triggered from another repository within the same organization - Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) - Store the PAT as repository secret, set name field as `PAT` - - If devops repository name is not `devops` set, the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of devops repository + - If devops repository name is not `devops`, set the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of devops repository - If your repository name in snake_case differs from the service name, set the Repositor Secret named `SERVICE` and value as the name of service name in snake_case - - Create a repository secret `ENABLE_AUTO_DEPLOY` and set value for auto deployment to run for all environment given here , eg:`["dev", "stage"]` + - Create a repository secret named `TARGET_DEPLOY_ENVIRONMENTS` and set value for targeted auto deployment to run for all environment given here, eg:`["dev", "stage"]` #### In DEVOPS_REPO - - Create a secret named `ALLOW_EXTERNAL_TRIGGER` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` + - Create a secret named `PERMITTED_EXTERNAL_ENVIRONMENTS` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` ## Adding your service diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 8108146..865cd58 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
@@ -70,4 +70,4 @@ jobs:
 -H "Accept: application/vnd.github.v3+json" \
 -H "Authorization: token ${{ secrets.PAT }}" \
 https://api.github.com/repos/${{ github.repository_owner }}/${{ secrets.DEVOPS_REPO_NAME || 'devops' }}/dispatches \
- -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ secrets.SERVICE || env.SERVICE }}", "environment":${{ secrets.ENABLE_AUTO_DEPLOY }}}}'
+ -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ secrets.SERVICE || env.SERVICE }}", "environment":${{ secrets.TARGET_DEPLOY_ENVIRONMENTS }}}}'
From 65604986b72ccf5f9f2e1ce076a720cdd559c0a7 Mon Sep 17 00:00:00 2001
From: Srijan-SS02
Date: Thu, 3 Oct 2024 17:41:57 +0530
Subject: [PATCH 21/21] updated workflow and docs
---
 .github/workflows/deploy.yaml | 9 ++++-----
 docs/onboarding.md | 6 +++---
 examples/workflows/build-and-push.yaml | 2 +-
 3 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 7c4b9a3..0ed32e2 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -26,15 +26,14 @@ jobs: CLIENT_PAYLOAD_ENVIRONMENT='${{ toJson(github.event.client_payload.environment) }}' # Write the secret to a temporary file - echo '${{ secrets.PERMITTED_EXTERNAL_ENVIRONMENTS }}' > permitted_external_environments.json - + echo '${{ secrets.PERMIT_AUTO_DEPLOY }}' > permit_auto_deploy.json - PERMITTED_EXTERNAL_ENVIRONMENTS=$(cat permitted_external_environments.json) + PERMIT_AUTO_DEPLOY=$(cat permit_auto_deploy.json) - echo "PERMITTED_EXTERNAL_ENVIRONMENTS: $PERMITTED_EXTERNAL_ENVIRONMENTS" + echo "PERMIT_AUTO_DEPLOY: $PERMIT_AUTO_DEPLOY" # Find common values using jq - VALIDATED_ENVIRONMENTS=$(jq -n --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$PERMITTED_EXTERNAL_ENVIRONMENTS" \ + VALIDATED_ENVIRONMENTS=$(jq -n --argjson client "$CLIENT_PAYLOAD_ENVIRONMENT" --argjson allow "$PERMIT_AUTO_DEPLOY" \ '[ $client[] | select($allow[] == .) ]' | jq -c '.') # Setting to dev if no common environment found diff --git a/docs/onboarding.md b/docs/onboarding.md index 4608300..251350e 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md 
@@ -44,10 +44,10 @@ Example: [/examples/workflows/docker-test.yaml](../examples/workflows/docker-te - Generate a Fine-Grained token (Personal Access Token) permissions required - Actions(Read and Write) and Content(Read and Write) - Store the PAT as repository secret, set name field as `PAT` - If devops repository name is not `devops`, set the Repository Secret named `DEVOPS_REPO_NAME` and value as the name of devops repository - - If your repository name in snake_case differs from the service name, set the Repositor Secret named `SERVICE` and value as the name of service name in snake_case - - Create a repository secret named `TARGET_DEPLOY_ENVIRONMENTS` and set value for targeted auto deployment to run for all environment given here, eg:`["dev", "stage"]` + - If your repository name in snake_case differs from the service name, set the Repository Secret named `SERVICE_NAME` and value as the name of service name in snake_case + - Create a repository secret named `ENABLE_AUTO_DEPLOY` and set value for targeted auto deployment to run for all environment given here, eg:`["dev", "stage"]` #### In DEVOPS_REPO - - Create a secret named `PERMITTED_EXTERNAL_ENVIRONMENTS` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` + - Create a secret named `PERMIT_AUTO_DEPLOY` and set value as only allowed environments here can be triggered through other repository, eg: `["dev"]` ## Adding your service diff --git a/examples/workflows/build-and-push.yaml b/examples/workflows/build-and-push.yaml index 865cd58..e49e38a 100644 --- a/examples/workflows/build-and-push.yaml +++ b/examples/workflows/build-and-push.yaml 
@@ -70,4 +70,4 @@ jobs:
 -H "Accept: application/vnd.github.v3+json" \
 -H "Authorization: token ${{ secrets.PAT }}" \
 https://api.github.com/repos/${{ github.repository_owner }}/${{ secrets.DEVOPS_REPO_NAME || 'devops' }}/dispatches \
- -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ secrets.SERVICE || env.SERVICE }}", "environment":${{ secrets.TARGET_DEPLOY_ENVIRONMENTS }}}}'
+ -d '{"event_type":"deploy-trigger","client_payload":{"services":"${{ secrets.SERVICE_NAME || env.SERVICE }}", "environment":${{ secrets.ENABLE_AUTO_DEPLOY }}}}'