Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
release: develop changes to main (#61)
* fix: allow empty email in registration input (#59) * feat: autolink covers for sladers who receive an SMS from EDI (#44) * feat: isc endpoint to check for permission (#60) - feat: retrive users with a role, get role by name - chore: remove unused role usecases * test: fix tests for getting navigation actions usecase (#53) * chore: filter roles using filter input struct (#57) * fix: ensure that returned navigation actions are in the order required (#58) * chore: update email templates (#62) Co-authored-by: Willard Shikami <shikami@savannahinformatics.com> * ref: ordering navigation actions using priority (#68) - chore: add employee navigation actions * fix: change role filter to search role by role name (#67) * chore: update registered user welcome message (#70) fix: return empty list for missing role in role search * feat: add permission scopes in login response (#69) * feat: layout community onboarding service deployment (#72) * feat: layout community onboarding service deployment [ ] Build and push docker image to GCR [ ] Deploy the revision to Cloud Run via CI [ ] Make this workflow stage depend on CI test and lint workflow Signed-off-by: Otieno Calvine <nyarangaotieno@gmail.com> * feat: for lint and test workflow to complete and succeed before running deployment workflow Signed-off-by: Otieno Calvine <nyarangaotieno@gmail.com> * configure enviroment and job concurrency group Signed-off-by: Otieno Calvine <nyarangaotieno@gmail.com> * fix: flagged feature disabled on token refresh (#75) * refactor purge user (#77) * feat: add service deployment job (#74) [ ] Deploy test server to Google Cloud Run [ ] Supply secrets via Google Secret Manager Signed-off-by: Otieno Calvine <nyarangaotieno@gmail.com> Co-authored-by: Charles Muchogo <48381664+Muchogoc@users.noreply.github.com> Co-authored-by: Salaton <nairouasalaton@gmail.com> Co-authored-by: Richard Ochom <ochomrichard752@gmail.com> Co-authored-by: Shikami <46521311+willshikami@users.noreply.github.com> Co-authored-by: Willard Shikami <shikami@savannahinformatics.com> Co-authored-by: Kennedy Kori <kennedykori47@gmail.com> Co-authored-by: Kathurima Kimathi <41376826+KathurimaKimathi@users.noreply.github.com>
- Loading branch information
1 parent
42ab045
commit 0785477
Showing
41 changed files
with
4,126 additions
and
1,959 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
name: Deployment | ||
|
||
on: [push] | ||
|
||
concurrency: | ||
group: build_and_push_image | ||
|
||
jobs: | ||
build_and_push_image: | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: test # run this only in test environment for now | ||
steps: | ||
- uses: actions/checkout@v2 | ||
|
||
# Setup gcloud CLI | ||
- uses: google-github-actions/setup-gcloud@master | ||
with: | ||
service_account_key: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | ||
project_id: ${{ secrets.GOOGLE_CLOUD_PROJECT }} | ||
export_default_credentials: true | ||
|
||
# Build docker image | ||
- name: Build | ||
run: |- | ||
docker build -t eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:$GITHUB_SHA --build-arg=ACCESS_TOKEN=${{ secrets.ACCESS_TOKEN }} . | ||
# Configure docker to use the gcloud command-line tool as a credential helper | ||
- run: | | ||
gcloud auth configure-docker -q | ||
# Push image to Google Container Registry | ||
- name: Push | ||
run: |- | ||
docker push eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:$GITHUB_SHA | ||
deploy_to_test: | ||
name: Deploy Test Server to Google Cloud Run | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: test | ||
needs: [build_and_push_image] | ||
steps: | ||
- name: Checkout working branches | ||
uses: actions/checkout@v2 | ||
|
||
# Deploy to Google Cloud Run Serverless | ||
- name: Get GCP project credential | ||
uses: google-github-actions/setup-gcloud@master | ||
with: | ||
service_account_key: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | ||
project_id: ${{ secrets.GOOGLE_CLOUD_PROJECT }} | ||
export_default_credentials: true | ||
|
||
# Deploy to Google Cloud Run Serverless | ||
- name: Deploy to Google Cloud Run | ||
run: | | ||
gcloud components install beta --quiet | ||
gcloud beta run deploy ${{ secrets.SERVICE_NAME }} --image eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:$GITHUB_SHA \ | ||
--region europe-west1 \ | ||
--platform managed \ | ||
--allow-unauthenticated \ | ||
--min-instances=${{ secrets.MIN_INST }} \ | ||
--max-instances=${{ secrets.MAX_INST }} \ | ||
--memory=${{ secrets.MEMORY_LIMIT}} \ | ||
--cpu=${{ secrets.CPU }} \ | ||
--set-env-vars "GOOGLE_CLOUD_PROJECT=${{ secrets.GOOGLE_CLOUD_PROJECT }}" \ | ||
--set-env-vars "FIREBASE_WEB_API_KEY=${{ secrets.FIREBASE_WEB_API_KEY }}" \ | ||
--set-env-vars "JWT_KEY=${{ secrets.JWT_KEY }}" \ | ||
--set-env-vars "ENVIRONMENT=${{ secrets.ENVIRONMENT }}" \ | ||
--set-env-vars "SENTRY_DSN=${{ secrets.SENTRY_DSN }}" \ | ||
--set-env-vars "ROOT_COLLECTION_SUFFIX="${{ secrets.ROOT_COLLECTION_SUFFIX }}" \ | ||
--set-env-vars "ERP_HOST=${{ secrets.ERP_HOST }}" \ | ||
--set-env-vars "ERP_API_SCHEME=${{ secrets.ERP_API_SCHEME }}" \ | ||
--set-env-vars "ERP_TOKEN_URL=${{ secrets.ERP_TOKEN_URL }}" \ | ||
--set-env-vars "ERP_CLIENT_ID=${{ secrets.ERP_CLIENT_ID }}" \ | ||
--set-env-vars "ERP_CLIENT_SECRET=${{ secrets.ERP_CLIENT_SECRET }}" \ | ||
--set-env-vars "ERP_USERNAME=${{ secrets.ERP_USERNAME }}" \ | ||
--set-env-vars "ERP_PASSWORD=${{ secrets.ERP_PASSWORD }}" \ | ||
--set-env-vars "ERP_GRANT_TYPE=${{ secrets.ERP_GRANT_TYPE }}" \ | ||
--set-env-vars "ERP_DEFAULT_WORKSTATION_ID=${{ secrets.ERP_DEFAULT_WORKSTATION_ID }}" \ | ||
--set-env-vars "ERP_DEFAULT_CURRENCY=${{ secrets.ERP_DEFAULT_CURRENCY }}" \ | ||
--set-env-vars "CHARGE_MASTER_API_HOST=${{ secrets.CHARGE_MASTER_API_HOST }}" \ | ||
--set-env-vars "CHARGE_MASTER_API_SCHEME=${{ secrets.CHARGE_MASTER_API_SCHEME }}" \ | ||
--set-env-vars "CHARGE_MASTER_TOKEN_URL=${{ secrets.CHARGE_MASTER_TOKEN_URL }}" \ | ||
--set-env-vars "CHARGE_MASTER_CLIENT_ID=${{ secrets.CHARGE_MASTER_CLIENT_ID }}" \ | ||
--set-env-vars "CHARGE_MASTER_CLIENT_SECRET=${{ secrets.CHARGE_MASTER_CLIENT_SECRET }}" \ | ||
--set-env-vars "CHARGE_MASTER_USERNAME=${{ secrets.CHARGE_MASTER_USERNAME }}" \ | ||
--set-env-vars "CHARGE_MASTER_PASSWORD=${{ secrets.CHARGE_MASTER_PASSWORD }}" \ | ||
--set-env-vars "CHARGE_MASTER_GRANT_TYPE=${{ secrets.CHARGE_MASTER_GRANT_TYPE }}" \ | ||
--set-env-vars "CLIENT_ID=${{ secrets.CLIENT_ID }}" \ | ||
--set-env-vars "CLIENT_SECRET=${{ secrets.CLIENT_SECRET }}" \ | ||
--set-env-vars "TOKEN_URL=${{ secrets.TOKEN_URL }}" \ | ||
--set-env-vars "HOST=${{ secrets.HOST }}" \ | ||
--set-env-vars "API_SCHEME=${{ secrets.API_SCHEME }}" \ | ||
--set-env-vars "GRANT_TYPE=${{ secrets.GRANT_TYPE }}" \ | ||
--set-env-vars "CORE_CLIENT_ID=${{ secrets.CORE_CLIENT_ID }}" \ | ||
--set-env-vars "CORE_CLIENT_SECRET=${{ secrets.CORE_CLIENT_SECRET }}" \ | ||
--set-env-vars "CORE_USERNAME=${{ secrets.CORE_USERNAME }}" \ | ||
--set-env-vars "CORE_PASSWORD=${{ secrets.CORE_PASSWORD }}" \ | ||
--set-env-vars "CORE_GRANT_TYPE=${{ secrets.CORE_GRANT_TYPE }}" \ | ||
--set-env-vars "CORE_API_SCHEME=${{ secrets.CORE_API_SCHEME }}" \ | ||
--set-env-vars "CORE_TOKEN_URL=${{ secrets.CORE_TOKEN_URL }}" \ | ||
--set-env-vars "CORE_HOST=${{ secrets.CORE_HOST }}" \ | ||
--set-env-vars "REPOSITORY=${{ secrets.REPOSITORY }}" \ | ||
--set-env-vars "SERVICE_HOST=${{ secrets.SERVICE_HOST }}" \ | ||
--set-env-vars "GOOGLE_PROJECT_NUMBER=${{ secrets.GOOGLE_PROJECT_NUMBER }}" \ | ||
--set-env-vars "SAVANNAH_ADMIN_EMAIL=${{ secrets.SAVANNAH_ADMIN_EMAIL }}" \ | ||
--set-env-vars "HUBSPOT_API_KEY=${{ secrets.HUBSPOT_API_KEY }}" \ | ||
--set-env-vars "HUBSPOT_API_URL=${{ secrets.HUBSPOT_API_URL }}" \ | ||
--set-env-vars "JAEGER_URL=${{ secrets.JAEGER_URL }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.