dbp-757-Handling Playwright Test Branches #2

Workflow file for this run

	---
	name: Deploy Action

	on:
	workflow_call:
	inputs:
	namespace:
	required: true
	type: string
	user_name:
	required: false
	default: spsh-bot
	type: string
	dbildungs_iam_server_branch:
	required: true
	description: "Has to be main or in format <project>-<ticketnumber>, e.g. spsh-130"
	default: main
	type: string
	schulportal_client_branch:
	required: true
	description: "Has to be main or in format <project>-<ticketnumber>, e.g. spsh-130"
	default: main
	type: string
	dbildungs_iam_keycloak_branch:
	required: true
	description: "Has to be main or in format <project>-<ticketnumber>, e.g. spsh-130"
	default: main
	type: string
	secrets:
	SPSH_DEV_KUBECONFIG:
	required: true
	permissions:
	contents: read

	jobs:
	find_dbildungs_iam_server_helm_chart_tag:
	uses: dBildungsplattform/spsh-app-deploy/.github/workflows/find-helm-chart-by-ticket-or-main-in-registry.yml@2
	with:
	github_repository: "dBildungsplattform/helm-charts-registry"
	branch: ${{ inputs.dbildungs_iam_server_branch }}
	chart_name: "dbildungs-iam-server"

	find_schulportal_client_helm_chart_tag:
	uses: dBildungsplattform/spsh-app-deploy/.github/workflows/find-helm-chart-by-ticket-or-main-in-registry.yml@2
	with:
	github_repository: "dBildungsplattform/helm-charts-registry"
	branch: ${{ inputs.schulportal_client_branch }}
	chart_name: "schulportal-client"

	find_dbildungs_iam_keycloak_helm_chart_tag:
	uses: dBildungsplattform/spsh-app-deploy/.github/workflows/find-helm-chart-by-ticket-or-main-in-registry.yml@2
	with:
	github_repository: "dBildungsplattform/helm-charts-registry"
	branch: ${{ inputs.dbildungs_iam_keycloak_branch }}
	chart_name: "dbildungs-iam-keycloak"

	create_ingress_prefix:
	uses: dBildungsplattform/spsh-app-deploy/.github/workflows/get-branch-meta.yml@2

	create_lowercase_ingress_prefix:
	needs:
	- create_ingress_prefix
	uses: dBildungsplattform/spsh-app-deploy/.github/workflows/deploy-branch-to-namespace.yml@2
	with:
	branch: ${{ github.ref_name == 'main' && inputs.namespace \|\| needs.create_ingress_prefix.outputs.ticket }}

	create_dbildungs_iam_keycloak_db_name:
	runs-on: ubuntu-latest
	outputs:
	keycloak_db_name: ${{ steps.create_dbildungs_iam_keycloak_db_name.outputs.keycloak_db_name }}
	steps:
	- id: create_dbildungs_iam_keycloak_db_name
	shell: bash
	run: \|
	# keycloak db name creation at a single point
	# Change every "." and "-" into "_", then remove all characters that are not alphanumeric, digit or an underscore and cut it on max lenght for postgresql db name
	temp=$(echo "dbildungs_iam_keycloak_${{ inputs.namespace }}" \| tr - _ \| tr \. _ \| sed 's/[^a-zA-Z0-9_]//g' \| cut -c1-63)
	echo "before" ${{ inputs.namespace }} "after" $temp
	echo "keycloak_db_name=$temp" >> $GITHUB_OUTPUT

	create_dbildungs_iam_server_db_name:
	runs-on: ubuntu-latest
	outputs:
	server_db_name: ${{ steps.create_dbildungs_iam_server_db_name.outputs.server_db_name }}
	steps:
	- id: create_dbildungs_iam_server_db_name
	shell: bash
	run: \|
	# server db name creation at a single point
	# Change every "." and "-" into "_", then remove all characters that are not alphanumeric, digit or an underscore and cut it on max lenght for postgresql db name
	temp=$(echo "dbildungs_iam_server_${{ inputs.namespace }}" \| tr - _ \| tr \. _ \| sed 's/[^a-zA-Z0-9_]//g' \| cut -c1-63)
	echo "before" ${{ inputs.namespace }} "after" $temp
	echo "server_db_name=$temp" >> $GITHUB_OUTPUT

	deployment:
	needs:
	- find_dbildungs_iam_server_helm_chart_tag
	- find_schulportal_client_helm_chart_tag
	- find_dbildungs_iam_keycloak_helm_chart_tag
	- create_lowercase_ingress_prefix
	- create_dbildungs_iam_keycloak_db_name
	- create_dbildungs_iam_server_db_name
	runs-on: 'ubuntu-latest'
	env:
	GITHUB_TOKEN: ${{ github.token }}
	KUBECONFIG_FILE: '${{ secrets.SPSH_DEV_KUBECONFIG }}'
	steps:
	- name: Check if namespace is allowed, fails if it not starts with ticketnr, e.g. spsh-1234 or is exactly 'main'
	run: \|
	if ${{ inputs.namespace != 'main' }}; then
	regex='^([[:alpha:]]+?-[[:digit:]]+)'
	[[ ${{ inputs.namespace }} =~ $regex ]]
	echo "${BASH_REMATCH[1]}"
	fi
	- name: checkout repo
	uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
	with:
	repository: 'dBildungsplattform/spsh-app-deploy'
	# comment this in to test changes of a branch in repo
	# ref: "<branch_name>"

	- name: Set up kubectl and Helm
	uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f #v4.0.0

	- name: Set kubeconfig
	run: \|
	mkdir /home/runner/.kube/
	echo "${{ secrets.SPSH_DEV_KUBECONFIG }}" > /home/runner/.kube/config
	chmod 600 /home/runner/.kube/config

	- name: Create Kubernetes namespace
	run: \|
	kubectl create namespace ${{ inputs.namespace }} \|\| true

	- name: Download dbildungs_iam_server Helm chart
	run: \|
	wget https://github.com/dBildungsplattform/helm-charts-registry/releases/download/${{ needs.find_dbildungs_iam_server_helm_chart_tag.outputs.helm_chart_tagname }}/${{ needs.find_dbildungs_iam_server_helm_chart_tag.outputs.helm_chart_tagname }}.tgz
	tar -zxvf ${{ needs.find_dbildungs_iam_server_helm_chart_tag.outputs.helm_chart_tagname }}.tgz

	- name: Download schulportal_client Helm chart
	run: \|
	wget https://github.com/dBildungsplattform/helm-charts-registry/releases/download/${{ needs.find_schulportal_client_helm_chart_tag.outputs.helm_chart_tagname }}/${{ needs.find_schulportal_client_helm_chart_tag.outputs.helm_chart_tagname }}.tgz
	tar -zxvf ${{ needs.find_schulportal_client_helm_chart_tag.outputs.helm_chart_tagname }}.tgz

	- name: Download dbildungs_iam_keycloak Helm chart
	run: \|
	wget https://github.com/dBildungsplattform/helm-charts-registry/releases/download/${{ needs.find_dbildungs_iam_keycloak_helm_chart_tag.outputs.helm_chart_tagname }}/${{ needs.find_dbildungs_iam_keycloak_helm_chart_tag.outputs.helm_chart_tagname }}.tgz
	tar -zxvf ${{ needs.find_dbildungs_iam_keycloak_helm_chart_tag.outputs.helm_chart_tagname }}.tgz

	# On branches the ticket number is used as image tag. To ensure the pods are restarted
	# and pull the the latest image, we uninstall the helm release first. (Otherwise same tag -> no change)
	# We also need to uninstall all pods to savely recreate the database
	- name: Uninstall all Helm-Charts in the namespace
	run: \|
	# Get list of installed Helm-Charts in namespace
	LIST_OF_HELM_CHARTS_IN_NAMESPACE="$(helm ls \
	--namespace ${{ inputs.namespace }} \
	--short \
	--all)"

	# Check if list of installed Helm-Charts is empty
	if [ -z "$LIST_OF_HELM_CHARTS_IN_NAMESPACE" ]; then
	echo "No Helm-Charts found in namespace ${{ inputs.namespace }}, skipping uninstall"
	else
	helm uninstall \
	$LIST_OF_HELM_CHARTS_IN_NAMESPACE \
	--namespace ${{ inputs.namespace }} \
	--wait
	fi

	- name: Create dbildungs-iam-server secret
	run: \|
	kubectl --namespace=${{ inputs.namespace }} apply -f ./dbildungs-iam-server-secret-dev.yaml

	- name: Create dbildungs-iam-keycloak secret
	run: \|
	kubectl --namespace=${{ inputs.namespace }} apply -f ./dbildungs-iam-keycloak-secret-dev.yaml

	- name: Create Database for dbildungs-iam-keycloak
	run: \|
	# Generate timestamp for job name uniqueness
	DATE=$(date +%Y%m%d%H%M%S)

	# Define job name for Keycloak database creation job
	HELM_KEYCLOAK_DB_JOB_NAME="psql-db-${DATE}-keycloak-${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}"

	# Deploy Database for dbildungs-iam-keycloak
	helm upgrade --install \
	$HELM_KEYCLOAK_DB_JOB_NAME \
	./charts/postgres_config \
	--namespace ${{ inputs.namespace }} \
	--set auth.existingSecret="psql-config-secret" \
	--set database.name=${{ needs.create_dbildungs_iam_keycloak_db_name.outputs.keycloak_db_name }}

	- name: Create Database for dbildungs-iam-server
	run: \|
	# Generate timestamp for job name uniqueness
	DATE=$(date +%Y%m%d%H%M%S)

	# Define job name for SPSH-App database creation job
	HELM_SERVER_DB_JOB_NAME="psql-db-${DATE}-database-${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}"

	# Deploy Database for SPSH-App
	helm upgrade --install \
	$HELM_SERVER_DB_JOB_NAME \
	./charts/postgres_config \
	--namespace ${{ inputs.namespace }} \
	--set auth.existingSecret="psql-config-secret" \
	--set database.name=${{ needs.create_dbildungs_iam_server_db_name.outputs.server_db_name }}


	# Wait is needed, dbildungs_iam_server expects keycloak to be up!
	- name: Deploy dbildungs_iam_keycloak Helm chart
	run: \|
	helm upgrade --install \
	dbildungs-iam-keycloak \
	dbildungs-iam-keycloak \
	--namespace ${{ inputs.namespace }} \
	--set auth.existingSecret="dbildungs-iam-keycloak" \
	--set keycloakHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}-keycloak.dev.spsh.dbildungsplattform.de \
	--set frontendHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de \
	--set database.name=${{ needs.create_dbildungs_iam_keycloak_db_name.outputs.keycloak_db_name }} \
	--set database.username=spshdeveloper \
	--wait

	- name: Deploy schulportal_client Helm chart
	run: \|
	helm upgrade --install \
	schulportal-client \
	schulportal-client \
	--namespace ${{ inputs.namespace }} \
	--set frontendHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de \
	--wait

	- name: Deploy dbildungs_iam_server Helm chart
	run: \|
	helm upgrade --install \
	dbildungs-iam-server \
	dbildungs-iam-server \
	--namespace ${{ inputs.namespace }} \
	--set auth.existingSecret="dbildungs-iam-server" \
	--set backendHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de \
	--set keycloakHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}-keycloak.dev.spsh.dbildungsplattform.de \
	--set database.name=${{ needs.create_dbildungs_iam_server_db_name.outputs.server_db_name }} \
	--wait

	run_playwright_tests:
	needs:
	- create_lowercase_ingress_prefix
	- deployment
	uses: dBildungsplattform/schulportal-testautomatisierung/.github/workflows/playwright.yml@${{ github.event.pull_request.head.ref \|\| 'main' }}
Check failure on line 251 in .github/workflows/deploy.yml View workflow run for this annotation GitHub Actions / .github/workflows/deploy.yml Invalid workflow file `invalid value workflow reference: version cannot have whitespace: ${{ github.event.pull_request.head.ref \|\| 'main' }}`
	secrets: inherit
	with:
	frontendHostname: "${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

dbp-757-Handling Playwright Test Branches #2

Workflow file

dbp-757-Handling Playwright Test Branches #2

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/deploy.yml