From 95566d72ba75ea4eec631f57d5f436db181858c6 Mon Sep 17 00:00:00 2001 From: M_Westerholz Date: Fri, 11 Oct 2024 09:38:08 +0000 Subject: [PATCH] restructured repo to typical spsh rollout process --- .../install-and-run-spsh-loadtest.yml | 71 +++++++++++++++++++ .../publish-image-and-helm-on-tag.yml | 33 +++++++++ .../publish-image-on-push-to-branch.yml | 24 +++++++ .github/workflows/scan-helm-on-push.yml | 14 ++++ .../schulportal-load-tests}/.helmignore | 0 .../schulportal-load-tests}/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../templates/login-secret.yaml | 0 .../schulportal-load-tests}/values.yaml | 0 .../k6-loadtest/Dockerfile | 0 .../k6-loadtest/wrapper-script.sh | 0 11 files changed, 142 insertions(+) create mode 100644 .github/workflows/install-and-run-spsh-loadtest.yml create mode 100644 .github/workflows/publish-image-and-helm-on-tag.yml create mode 100644 .github/workflows/publish-image-on-push-to-branch.yml create mode 100644 .github/workflows/scan-helm-on-push.yml rename {infrastructure => charts/schulportal-load-tests}/.helmignore (100%) rename {infrastructure => charts/schulportal-load-tests}/Chart.yaml (100%) rename {infrastructure => charts/schulportal-load-tests}/templates/cronjob.yaml (100%) rename {infrastructure => charts/schulportal-load-tests}/templates/login-secret.yaml (100%) rename {infrastructure => charts/schulportal-load-tests}/values.yaml (100%) rename {infrastructure => image}/k6-loadtest/Dockerfile (100%) rename {infrastructure => image}/k6-loadtest/wrapper-script.sh (100%) diff --git a/.github/workflows/install-and-run-spsh-loadtest.yml b/.github/workflows/install-and-run-spsh-loadtest.yml new file mode 100644 index 0000000..632ceaf --- /dev/null +++ b/.github/workflows/install-and-run-spsh-loadtest.yml @@ -0,0 +1,71 @@ +--- +name: Install and Run SPSH loadtest Action + +on: + workflow_call: + inputs: + instance_name: + type: string + required: true + instance_stage: + type: string + required: true + frontend_hostname: + type: string + required: true + release_tag: + type: string + required: true + dbseeding: + required: false + description: "Enable Seeding (true, false, chart_value)" + default: chart_value + type: string + secrets: + TOKEN: + required: true + KUBECONFIG: + required: true + RC_WEBHOOK: + required: true + +permissions: + contents: read + +concurrency: + group: spsh-k6-loadtest-rollout-run + cancel-in-progress: true + +jobs: + rollout: + runs-on: 'ubuntu-latest' + steps: + - name: Checkout repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 + with: + repository: 'dBildungsplattform/schulportal-load-tests' + # change this ref to a branch to test changes + ref: "${{ inputs.release_tag }}" + # ref: "" + + - name: Install kubectl and Helm + uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f #v4.0.0 + + - name: Set kubeconfig + run: | + mkdir /home/runner/.kube/ + echo "${{ secrets.KUBECONFIG }}" > /home/runner/.kube/config + chmod 600 /home/runner/.kube/config + + - name: Helm add repo dbilungsplattform + run: | + helm repo add dbildungsplattform https://dbildungsplattform.github.io/helm-charts-registry/ + + - name: Rollout spsh-k6-loadtest Helm Chart + run: | + helm upgrade --install \ + spsh-k6-loadtest \ + ./charts/schulportal-load-tests \ + --namespace spsh \ + --kubeconfig /home/runner/.kube/config \ + --wait diff --git a/.github/workflows/publish-image-and-helm-on-tag.yml b/.github/workflows/publish-image-and-helm-on-tag.yml new file mode 100644 index 0000000..297f0f5 --- /dev/null +++ b/.github/workflows/publish-image-and-helm-on-tag.yml @@ -0,0 +1,33 @@ +name: 'Publish image to GHCR and Helm chart to GH pages on tag' + +on: + push: + tags: + - "[0-9]+.[0-9]+.[0-9]+" + +concurrency: + group: spsh-loadtest-main + cancel-in-progress: true + +jobs: + publish_docker: + permissions: + packages: write + security-events: write + contents: read + uses: dBildungsplattform/dbp-github-workflows/.github/workflows/image-publish-trivy.yaml@5.0.0 + with: + image_name: "spsh-k6-loadtest" + run_trivy_scan: true + image_tag_generation: "version_git_tag" + add_latest_tag: true + container_registry: "ghcr.io" + publish_helm: + uses: dBildungsplattform/dbp-github-workflows/.github/workflows/chart-release.yaml@5.0.0 + secrets: inherit + with: + chart_name: spsh-k6-loadtest + helm_chart_version_generation: specified + image_tag_generation: specified + helm_chart_version: ${{ github.ref_name }} + image_tag: ${{ github.ref_name }} diff --git a/.github/workflows/publish-image-on-push-to-branch.yml b/.github/workflows/publish-image-on-push-to-branch.yml new file mode 100644 index 0000000..d193077 --- /dev/null +++ b/.github/workflows/publish-image-on-push-to-branch.yml @@ -0,0 +1,24 @@ +name: 'Publish image to GHCR on push to branch' + +on: + push: + branches-ignore: + - 'main' + +concurrency: + group: spsh-loadtest-${{ github.ref }} + cancel-in-progress: true + +jobs: + build_and_push: + permissions: + packages: write + security-events: write + contents: read + uses: dBildungsplattform/dbp-github-workflows/.github/workflows/image-publish-trivy.yaml@5.0.0 + with: + image_name: "spsh-k6-loadtest" + run_trivy_scan: true + image_tag_generation: "ticket_from_branch" + add_latest_tag: false + container_registry: "ghcr.io" diff --git a/.github/workflows/scan-helm-on-push.yml b/.github/workflows/scan-helm-on-push.yml new file mode 100644 index 0000000..615666a --- /dev/null +++ b/.github/workflows/scan-helm-on-push.yml @@ -0,0 +1,14 @@ +name: "Scan Helm on push" + +on: + push: + +concurrency: + group: spsh-loadtest-scan-helm-${{ github.event.ref }} + cancel-in-progress: true + +jobs: + scan_helm: + uses: dBildungsplattform/dbp-github-workflows/.github/workflows/check-helm-kics.yaml@5.0.0 + permissions: + contents: read diff --git a/infrastructure/.helmignore b/charts/schulportal-load-tests/.helmignore similarity index 100% rename from infrastructure/.helmignore rename to charts/schulportal-load-tests/.helmignore diff --git a/infrastructure/Chart.yaml b/charts/schulportal-load-tests/Chart.yaml similarity index 100% rename from infrastructure/Chart.yaml rename to charts/schulportal-load-tests/Chart.yaml diff --git a/infrastructure/templates/cronjob.yaml b/charts/schulportal-load-tests/templates/cronjob.yaml similarity index 100% rename from infrastructure/templates/cronjob.yaml rename to charts/schulportal-load-tests/templates/cronjob.yaml diff --git a/infrastructure/templates/login-secret.yaml b/charts/schulportal-load-tests/templates/login-secret.yaml similarity index 100% rename from infrastructure/templates/login-secret.yaml rename to charts/schulportal-load-tests/templates/login-secret.yaml diff --git a/infrastructure/values.yaml b/charts/schulportal-load-tests/values.yaml similarity index 100% rename from infrastructure/values.yaml rename to charts/schulportal-load-tests/values.yaml diff --git a/infrastructure/k6-loadtest/Dockerfile b/image/k6-loadtest/Dockerfile similarity index 100% rename from infrastructure/k6-loadtest/Dockerfile rename to image/k6-loadtest/Dockerfile diff --git a/infrastructure/k6-loadtest/wrapper-script.sh b/image/k6-loadtest/wrapper-script.sh similarity index 100% rename from infrastructure/k6-loadtest/wrapper-script.sh rename to image/k6-loadtest/wrapper-script.sh