From 8d2d470940d4df6fd7f4b99e1ae98d44ac50f986 Mon Sep 17 00:00:00 2001 From: David Okulski Date: Mon, 23 Mar 2026 11:34:37 -0700 Subject: [PATCH 1/4] Use staging branch to deploy to tools namespace --- .github/workflows/build-and-deploy.yml | 45 ++++++++------------------ 1 file changed, 13 insertions(+), 32 deletions(-) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 2c76cc4..692ddba 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -3,10 +3,11 @@ name: Build and Deploy on: push: branches: - - main - dev + - staging - test - workflow_dispatch: + - main + workflow_dispatch: env: REGISTRY: ghcr.io @@ -38,17 +39,21 @@ jobs: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=ref,event=branch,ref=${{ github.ref_name }} + + - name: Set branch tag for image + id: branch_tag + run: echo "image_tag=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: . push: true - tags: ${{ steps.meta.outputs.tags }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.branch_tag.outputs.image_tag }} labels: ${{ steps.meta.outputs.labels }} outputs: - image_tag: ${{ steps.meta.outputs.tags }} + image_tag: ${{ steps.branch_tag.outputs.image_tag }} deploy: needs: build_and_push @@ -65,8 +70,8 @@ jobs: uses: redhat-actions/oc-login@v1 with: openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} - namespace: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_NAMESPACE || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_NAMESPACE) || secrets.OPENSHIFT_TEST_NAMESPACE }} - openshift_token: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_TOKEN || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_TOKEN) || secrets.OPENSHIFT_TEST_TOKEN }} + namespace: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_NAMESPACE || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_NAMESPACE) || (github.ref == 'refs/heads/staging' && secrets.OPENSHIFT_TOOLS_NAMESPACE) || secrets.OPENSHIFT_TEST_NAMESPACE }} + openshift_token: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_TOKEN || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_TOKEN) || (github.ref == 'refs/heads/staging' && secrets.OPENSHIFT_TOOLS_TOKEN) || secrets.OPENSHIFT_TEST_TOKEN }} insecure_skip_tls_verify: true - name: Deploy with Helm @@ -75,30 +80,6 @@ jobs: - name: Trigger OpenShift Rollout run: | oc rollout restart deployment/communication-layer - - # Deploy to Tools only if branch = dev - - name: Authenticate with OpenShift (tools env) - if: github.ref == 'refs/heads/dev' - uses: redhat-actions/oc-login@v1 - with: - openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} - namespace: ${{ secrets.OPENSHIFT_TOOLS_NAMESPACE }} - openshift_token: ${{ secrets.OPENSHIFT_TOOLS_TOKEN }} - insecure_skip_tls_verify: true - - - name: Deploy with Helm (tools env) - if: github.ref == 'refs/heads/dev' - run: | - helm upgrade --install communication-layer ./helm \ - --namespace "${{ secrets.OPENSHIFT_TOOLS_NAMESPACE }}" \ - --set image.repository=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} \ - --set image.tag=${{ needs.build_and_push.outputs.image_tag }} - - - name: Trigger OpenShift Rollout (tools env) - if: github.ref == 'refs/heads/dev' - run: | - oc rollout restart deployment/communication-layer \ - -n "${{ secrets.OPENSHIFT_TOOLS_NAMESPACE }}" deploy_to_portal: needs: build_and_push @@ -115,8 +96,8 @@ jobs: uses: redhat-actions/oc-login@v1 with: openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} - namespace: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_PORTAL_NAMESPACE || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_PORTAL_NAMESPACE) || secrets.OPENSHIFT_TEST_PORTAL_NAMESPACE }} - openshift_token: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_PORTAL_TOKEN || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_PORTAL_TOKEN) || secrets.OPENSHIFT_TEST_PORTAL_TOKEN }} + namespace: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_PORTAL_NAMESPACE || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_PORTAL_NAMESPACE) || (github.ref == 'refs/heads/staging' && secrets.OPENSHIFT_TOOLS_PORTAL_NAMESPACE) || secrets.OPENSHIFT_TEST_PORTAL_NAMESPACE }} + openshift_token: ${{ github.ref == 'refs/heads/main' && secrets.OPENSHIFT_PROD_PORTAL_TOKEN || (github.ref == 'refs/heads/dev' && secrets.OPENSHIFT_DEV_PORTAL_TOKEN) || (github.ref == 'refs/heads/staging' && secrets.OPENSHIFT_TOOLS_PORTAL_TOKEN) || secrets.OPENSHIFT_TEST_PORTAL_TOKEN }} insecure_skip_tls_verify: true - name: Deploy with Helm From 6809862d9a56055f7d3f82202ddb61ed637412ce Mon Sep 17 00:00:00 2001 From: David Okulski Date: Tue, 24 Mar 2026 10:59:23 -0700 Subject: [PATCH 2/4] Update the image tag to use lowercase of repo --- .github/workflows/build-and-deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 692ddba..c824fd4 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -11,7 +11,7 @@ on: env: REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} + IMAGE_NAME: bcgov/communication-layer jobs: @@ -38,7 +38,7 @@ jobs: with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | - type=ref,event=branch,ref=${{ github.ref_name }} + type=ref,event=branch - name: Set branch tag for image id: branch_tag From d349467cdb8a3ed5db8aad5e3a1dbe8f73b60bef Mon Sep 17 00:00:00 2001 From: David Okulski Date: Tue, 24 Mar 2026 11:01:23 -0700 Subject: [PATCH 3/4] Move outputs step --- .github/workflows/build-and-deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index c824fd4..2cd65fe 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -17,7 +17,10 @@ jobs: build_and_push: runs-on: ubuntu-latest - + + outputs: + image_tag: ${{ steps.branch_tag.outputs.image_tag }} + steps: - name: Checkout the repository uses: actions/checkout@v4 @@ -52,9 +55,6 @@ jobs: tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.branch_tag.outputs.image_tag }} labels: ${{ steps.meta.outputs.labels }} - outputs: - image_tag: ${{ steps.branch_tag.outputs.image_tag }} - deploy: needs: build_and_push runs-on: ubuntu-latest From db8d9a9ff5f4a8d308d7992f067e5f8540b1d20a Mon Sep 17 00:00:00 2001 From: David Okulski Date: Tue, 24 Mar 2026 12:40:22 -0700 Subject: [PATCH 4/4] Fixed image being pulled reference --- helm/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 69061a4..798020d 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -16,7 +16,7 @@ spec: spec: containers: - name: communication-layer - image: "{{ .Values.image.tag }}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: "{{ .Values.image.pullPolicy }}" envFrom: - configMapRef: