diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index f6835b703..fbd3c0c04 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -8,6 +8,16 @@ on: type: string default: >- [""] + k8s-environment: + required: false + description: Specifies which environmet to use for k8s testing. ["production", "staging"] + type: string + default: "production" + k8s-manifests-branch: + required: false + description: "branch for k8s manifests to run the tests on" + type: string + default: "main" secrets: GH_TOKEN_ADMIN: description: Github admin token @@ -77,7 +87,28 @@ jobs: execute-modinput-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_modinput_functional_labeled }} execute-scripted_inputs-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_scripted_inputs_labeled }} execute-requirement-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_requirement_test_labeled }} + s3_bucket_k8s: ${{ steps.k8s-environment.outputs.s3_bucket }} + argo_server_domain_k8s: ${{ steps.k8s-environment.outputs.argo_server_domain }} + argo_token_secret_id_k8s: ${{ steps.k8s-environment.outputs.argo_token_secret_id }} steps: + - name: set k8s environment + id: k8s-environment + run: | + if [[ ${{ inputs.k8s-environment }} == 'staging' ]]; then + echo "setting up argo variables for staging" + { + echo "s3_bucket=ta-staging-artifacts" + echo "argo_server_domain=argo.staging.wfe.splgdi.com" + echo "argo_token_secret_id=ta-staging-github-workflow-automation-token" + } >> "$GITHUB_OUTPUT" + else + echo "setting up argo variables for production" + { + echo "s3_bucket=ta-production-artifacts" + echo "argo_server_domain=argo.wfe.splgdi.com" + echo "argo_token_secret_id=ta-github-workflow-automation-token" + } >> "$GITHUB_OUTPUT" + fi - name: skip workflow if description is empty for labeled pr id: skip-workflow env: @@ -678,7 +709,7 @@ jobs: run: | echo "name=$(basename "${{ steps.slim.outputs.OUTPUT }}")" >> "$GITHUB_OUTPUT" basename "${{ steps.slim.outputs.OUTPUT }}" - aws s3 cp "${{ steps.slim.outputs.OUTPUT }}" s3://ta-production-artifacts/ta-apps/ + aws s3 cp "${{ steps.slim.outputs.OUTPUT }}" "s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/" build-3_9: runs-on: ubuntu-latest @@ -894,6 +925,7 @@ jobs: setup: needs: + - setup-workflow - build - test-inventory if: ${{ !cancelled() && needs.build.result == 'success' }} @@ -938,9 +970,9 @@ jobs: JOB_NAME=$(echo "$ADDON_NAME" | tail -c 16)-$(echo "${GITHUB_SHA}" | tail -c 8)-TEST-TYPE-${GITHUB_RUN_ID} JOB_NAME=${JOB_NAME//[_.]/-} LABELS="addon-name=${ADDON_NAME}" - ADDON_UPLOAD_PATH="s3://ta-production-artifacts/ta-apps/${{ needs.build.outputs.buildname }}" + ADDON_UPLOAD_PATH="s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/${{ needs.build.outputs.buildname }}" { - echo "argo-server=argo.wfe.splgdi.com:443" + echo "argo-server=${{ needs.setup-workflow.outputs.argo_server_domain_k8s }}:443" echo "argo-http1=true" echo "argo-secure=true" echo "argo-base-href=\'\'" @@ -948,13 +980,13 @@ jobs: echo "argo-workflow-tmpl-name=ta-workflow" echo "argo-cancel-workflow-tmpl-name=cancel-workflow" echo "directory-path=/tmp" - echo "s3-bucket=ta-production-artifacts" + echo "s3-bucket=${{ needs.setup-workflow.outputs.s3_bucket_k8s }}" echo "addon-name=\"$ADDON_NAME\"" echo "job-name=wf-$JOB_NAME" echo "labels=$LABELS" echo "addon-upload-path=$ADDON_UPLOAD_PATH" echo "spl-host-suffix=wfe.splgdi.com" - echo "k8s-manifests-branch=main" + echo "k8s-manifests-branch=${{ inputs.k8s-manifests-branch }}" } >> "$GITHUB_OUTPUT" - uses: actions/download-artifact@v3 if: ${{ needs.test-inventory.outputs.ucc_modinput_functional == 'true' && needs.test-inventory.outputs.modinput_functional == 'true'}} @@ -988,7 +1020,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} run: | swagger_name=swagger_$(basename "$BUILD_NAME" .spl) - aws s3 sync "${{ steps.download-openapi.outputs.download-path }}/tmp/restapi_client/" "s3://ta-production-artifacts/ta-apps/$swagger_name/" --exclude "*" --include "README.md" --include "*swagger_client*" --only-show-errors + aws s3 sync "${{ steps.download-openapi.outputs.download-path }}/tmp/restapi_client/" "s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/$swagger_name/" --exclude "*" --include "README.md" --include "*swagger_client*" --only-show-errors run-knowledge-tests: if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.knowledge == 'true' && (needs.setup-workflow.outputs.execute-ko == 'Yes' || needs.setup-workflow.outputs.execute-knowledge-labeled == 'true') }} @@ -1045,7 +1077,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -1092,7 +1124,7 @@ jobs: id: update-argo-token if: ${{ !cancelled() }} run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: calculate timeout id: calculate-timeout @@ -1286,7 +1318,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -1508,7 +1540,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -1555,7 +1587,7 @@ jobs: id: update-argo-token if: ${{ !cancelled() }} run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: calculate timeout id: calculate-timeout @@ -1737,7 +1769,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -1796,7 +1828,7 @@ jobs: id: update-argo-token if: ${{ !cancelled() }} run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: calculate timeout id: calculate-timeout @@ -1975,7 +2007,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -2204,7 +2236,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name @@ -2440,7 +2472,7 @@ jobs: - name: Read secrets from AWS Secrets Manager into environment variables id: get-argo-token run: | - ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString') + ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString') echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT" - name: create job name id: create-job-name