add optional verification jobs after deploys #108
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -44,10 +44,18 @@ on: | |
| description: 'postfix to apply to the base name for the primary deploy site (e.g. -prod, -dev)' | ||
| required: true | ||
| type: string | ||
| primary-verification-url: | ||
| description: 'URL for primary deploy to an endpoint returning JSON that includes `version` and `sha`' | ||
| required: false | ||
| type: string | ||
| secondary-azure-app-name-postfix: | ||
| description: 'postfix to apply to the base name for a secondary deploy site (e.g. -prod-europe, do not specify if no secondary site)' | ||
| type: string | ||
| default: '' | ||
| secondary-verification-url: | ||
| description: 'URL for secondary deploy to an endpoint returning JSON that includes `version` and `sha`' | ||
| required: false | ||
| type: string | ||
| docker-build-args: | ||
| description: 'optionally pass in build args to the Docker build command (e.g. "MY_VAR=my_value")' | ||
| required: false | ||
|
|
@@ -56,7 +64,7 @@ on: | |
| description: 'optionally pass to publish image to docker-hub' | ||
| required: false | ||
| type: string | ||
| jobs: | ||
| determine-trigger: | ||
| name: Determine if this was triggered by a release or workflow_dispatch | ||
|
|
@@ -129,6 +137,44 @@ jobs: | |
| azure-webapp-name: ${{ inputs.azure-app-base-name }}${{ inputs.azure-app-name-postfix }} | ||
| image-name-with-tag: ${{ needs.build-and-publish-image.outputs.docker-image-name-with-tag }} | ||
|
|
||
| pause-between-primary-deploy-and-verification: | ||
| needs: deploy-primary-app-to-azure | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Pause for 3 minutes | ||
| run: sleep 180 # Sleep for 180 seconds (3 minutes) | ||
|
|
||
| verify-primary-app: | ||
| name: Verify primary health endpoint | ||
| if: ${{inputs.primary-verification-url != '' }} | ||
| needs: [get-version, pause-between-primary-deploy-and-verification] | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout this repo | ||
| uses: actions/[email protected] | ||
| with: | ||
| repository: 'clearlydefined/operations' | ||
| ref: 'elr/verify-health' | ||
|
There was a problem hiding this comment. Need to change this to the new version before we merging |
||
| path: 'operations' | ||
| - name: Validate primary deploy | ||
| id: validate-primary | ||
| shell: bash | ||
| run: | | ||
| script_log=$(./operations/scripts/app-workflows/fetch-deploy-info.sh \ | ||
| "${{ inputs.primary-verification-url }}") || (echo "$script_log" && exit 1) | ||
| echo -e "---- script log\n$script_log\n----"; \ | ||
| response=$(echo "$script_log" | tail -n 1) | ||
| script_log=$(./operations/scripts/app-workflows/validate-deploy.sh \ | ||
| "$response" \ | ||
| "${{ needs.get-version.outputs.version }}" \ | ||
| "${{ github.sha }}") || (echo "$script_log" && exit 1) | ||
| echo -e "---- script log\n$script_log\n----"; \ | ||
| valid=$(echo "$script_log" | tail -n 1) | ||
| if [ "$valid" != "true" ]; then | ||
| echo "Validation of primary deploy failed" | ||
| exit 1 | ||
| fi | ||
|
|
||
| deploy-secondary-app-to-azure: | ||
| name: Deploy to secondary Azure app | ||
| if: ${{ inputs.secondary-azure-app-name-postfix != '' }} | ||
|
|
@@ -143,3 +189,41 @@ jobs: | |
| deploy-env: ${{ inputs.deploy-env }} | ||
| azure-webapp-name: ${{ inputs.azure-app-base-name }}${{ inputs.secondary-azure-app-name-postfix }} | ||
| image-name-with-tag: ${{ needs.build-and-publish-image.outputs.docker-image-name-with-tag }} | ||
|
|
||
| pause-between-secondary-deploy-and-verification: | ||
| needs: deploy-secondary-app-to-azure | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Pause for 3 minutes | ||
| run: sleep 180 # Sleep for 180 seconds (3 minutes) | ||
|
|
||
| verify-secondary-app: | ||
| name: Verify secondary health endpoint | ||
| if: ${{ inputs.secondary-azure-app-name-postfix != '' && inputs.secondary-verification-url != '' }} | ||
| needs: [get-version, pause-between-secondary-deploy-and-verification] | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout this repo | ||
| uses: actions/[email protected] | ||
| with: | ||
| repository: 'clearlydefined/operations' | ||
| ref: 'elr/verify-health' | ||
|
There was a problem hiding this comment. Need to change before merging |
||
| path: 'operations' | ||
| - name: Validate secondary deploy | ||
| id: validate-secondary | ||
| shell: bash | ||
| run: | | ||
| script_log=$(./operations/scripts/app-workflows/fetch-deploy-info.sh \ | ||
| "${{ inputs.secondary-verification-url }}") || (echo "$script_log" && exit 1) | ||
| echo -e "---- script log\n$script_log\n----"; \ | ||
| response=$(echo "$script_log" | tail -n 1) | ||
| script_log=$(./operations/scripts/app-workflows/validate-deploy.sh \ | ||
| "$response" \ | ||
| "${{ needs.get-version.outputs.version }}" \ | ||
| "${{ github.sha }}") || (echo "$script_log" && exit 1) | ||
| echo -e "---- script log\n$script_log\n----"; \ | ||
| valid=$(echo "$script_log" | tail -n 1) | ||
| if [ "$valid" != "true" ]; then | ||
| echo "Validation of secondary deploy failed" | ||
| exit 1 | ||
| fi | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| #!/bin/sh | ||
|
|
||
| # Inputs | ||
| # $1 - verification_url: url to the health endpoint that returns json with version and sha | ||
|
|
||
| # Check if the correct number of arguments are provided | ||
| if [ "$#" -ne 1 ]; then | ||
| echo "Usage: $0 <verification-url> <expected-version> <expected-sha>" | ||
| exit 1 | ||
| fi | ||
| verification_url=$1 | ||
|
|
||
| response=$(curl -s "$verification_url") | ||
|
|
||
| # Check if the curl command was successful | ||
| if [ $? -ne 0 ]; then | ||
| echo "Failed to fetch the verification URL: $verification_url" | ||
| exit 1 | ||
| fi | ||
|
|
||
| echo $response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| #!/bin/sh | ||
|
|
||
| # Inputs | ||
| # $1 - response: valid json that holds status, version, and sha | ||
| # $2 - expected_version: the version that was deployed | ||
| # $3 - expected_sha: the sha of the code being deployed | ||
|
|
||
| # Check if the correct number of arguments are provided | ||
| if [ "$#" -ne 3 ]; then | ||
| echo "Usage: $0 <response> <expected-version> <expected-sha>; $# parameters received, but 3 are expected" | ||
| exit 1 | ||
| fi | ||
|
|
||
| response=$1 | ||
| expected_version=$2 | ||
| expected_sha=$3 | ||
|
|
||
| # Validate and reformat the response as a JSON string. | ||
| # This is needed because shell scripts pass parameters | ||
| # as simple strings. | ||
| if [ -z "$response" ] || ! echo "$response" | jq empty > /dev/null 2>&1; then | ||
| echo "Error: Invalid JSON string" | ||
| exit 1 | ||
| else | ||
| # If valid, reformat the JSON string | ||
| response_json=$(echo "$response" | jq -c .) | ||
| fi | ||
|
|
||
| # Parse the JSON response | ||
| status=$(echo "$response_json" | jq -r '.status') | ||
| version=$(echo "$response_json" | jq -r '.version') | ||
| sha=$(echo "$response_json" | jq -r '.sha') | ||
|
|
||
| # Validate the response | ||
| if [ "$status" != "OK" ]; then | ||
| echo "Validation failed: status is not OK" | ||
| echo "Expected: OK, Actual: $status" | ||
| exit 1 | ||
| fi | ||
|
|
||
| if [ "$version" != "$expected_version" ]; then | ||
| echo "Validation failed: version mismatch" | ||
| echo "Expected: $expected_version, Actual: $version" | ||
| exit 1 | ||
| fi | ||
|
|
||
| if [ "$sha" != "$expected_sha" ]; then | ||
| echo "Validation failed: sha mismatch" | ||
| echo "Expected: $expected_sha, Actual: $sha" | ||
| exit 1 | ||
| fi | ||
|
|
||
| # If all validations pass | ||
| echo "Validation successful" | ||
| echo "true" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| { "status": "OK", "version": "v2.999.0", "sha": "1234567890ABCDEF" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| { "status": "OK", "version": "undefined", "sha": "undefined" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| "Invalid Response Format" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| { "status": "OK", "version": "v2.999.0", "sha": "BAD_SHA" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| { "status": "BAD_STATUS", "version": "v2.999.0", "sha": "1234567890ABCDEF" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| { "status": "OK", "version": "v1.0.0-BAD", "sha": "1234567890ABCDEF" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| #!/usr/bin/env bats | ||
|
|
||
| load 'test_helpers' | ||
|
|
||
| @test "Test bogus URL" { | ||
| run ./scripts/app-workflows/fetch-deploy-info.sh "http://localhost/bogus-url" | ||
| test_value 1 "$status" | ||
| test_value "Failed to fetch the verification URL: http://localhost/bogus-url" "${lines[0]}" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| #!/usr/bin/env bats | ||
|
|
||
| load 'test_helpers' | ||
|
|
||
| @test "Test bad status" { | ||
| fixture=$(load_json_fixture "validate-status-error.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh $fixture "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Validation failed: status is not OK" "${lines[0]}" | ||
| test_value "Expected: OK, Actual: BAD_STATUS" "${lines[1]}" | ||
| } | ||
|
|
||
| @test "Test incorrect version" { | ||
| fixture=$(load_json_fixture "validate-version-error.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh $fixture "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Validation failed: version mismatch" "${lines[0]}" | ||
| test_value "Expected: v2.999.0, Actual: v1.0.0-BAD" "${lines[1]}" | ||
| } | ||
|
|
||
| @test "Test incorrect sha" { | ||
| fixture=$(load_json_fixture "validate-sha-error.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh $fixture "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Validation failed: sha mismatch" "${lines[0]}" | ||
| test_value "Expected: 1234567890ABCDEF, Actual: BAD_SHA" "${lines[1]}" | ||
| } | ||
|
|
||
| @test "Test valid response" { | ||
| fixture=$(load_json_fixture "validate-good-response.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh $fixture "v2.999.0" "1234567890ABCDEF" | ||
| test_value 0 "$status" | ||
| } | ||
|
|
||
| @test "Test non-JSON response" { | ||
| fixture=$(load_json_fixture "validate-non-json-response.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh '$fixture' "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Error: Invalid JSON string" "${lines[0]}" | ||
| } | ||
|
|
||
| @test "Test invalid JSON response" { | ||
| fixture=$(load_json_fixture "validate-invalid-json-response.json") | ||
| run ./scripts/app-workflows/validate-deploy.sh '$fixture' "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Error: Invalid JSON string" "${lines[0]}" | ||
| } | ||
|
|
||
| @test "Test empty response" { | ||
| run ./scripts/app-workflows/validate-deploy.sh "" "v2.999.0" "1234567890ABCDEF" | ||
| test_value 1 "$status" | ||
| test_value "Error: Invalid JSON string" "${lines[0]}" | ||
| } | ||
|
There was a problem hiding this comment. Great to be thorough with the tests |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great this is an input as it's going to be different for each app