Spike/multidev

.github/workflows/reviewapp.yml

@@ -0,0 +1,110 @@
+name: Deploy review app
+
+on: pull_request
+
+jobs:
+  pr_commented:
+    # This job only runs for pull request comments
+    name: PR comment
+    #if: ${{ github.event.issue.pull_request }} && contains(github.event.comment.body, '/deploy')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Log in to Azure
+        uses: azure/login@v1
+        with:
+          creds: '{"clientId":"${{ vars.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ vars.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ vars.ARM_TENANT_ID }}"}'
+
+      - name: Deploy review app
+        id: deploy
+        env:
+          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+          REF_NAME: ${{ github.head_ref }}
+        run: |
+          CI_COMMIT_BRANCH="$REF_NAME"
+          ENV_SLUG=$(echo "${REF_NAME}" | sed -e 's:[^[:alpha:]|^[:digit:]]:-:g' | sed -e 's/\(.*\)/\L\1/')
+          tag=":$ENV_SLUG"
+          az extension add --name containerapp
+          az containerapp job start -n portal-dbclone --resource-group rg-ecc-portal-uks-dev --subscription "Essex County Council (Portal)" --image "acreccuksdev.azurecr.io/dbclone" --env-vars "NEW_DB_SUFFIX=${ENV_SLUG}" 'MYSQL_HOST=mariadb-ecc-uks-dev.mariadb.database.azure.com' 'MYSQL_USER=mariadb-root' 'MYSQL_DATABASE=drupal_portal' 'MYSQL_PASSWORD=secretref:mysql-password' --container-name dbclonea --cpu 0.75 --memory 1.5
+          echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
+          sleep 4m
+          echo "Creating new revision of Container App"
+          cat > revision.yml <<EOF
+          properties:
+            template:
+              revisionSuffix: gh${GITHUB_RUN_ID}
+              scale:
+                minReplicas: 0
+                maxReplicas: 1
+                rules:
+                  - name: "http-rule"
+                    http:
+                      metadata:
+                        concurrentRequests: 40
+              containers:
+                - image: acreccuksdev.azurecr.io/portal-nginx-drupal$tag
+                  name: nginx
+                  resources:
+                    cpu: 0.25
+                    memory: 0.5Gi
+                  volumeMounts:
+                  - mountPath: /drupal/web/sites/default/files
+                    volumeName: filesharevol
+                  env:
+                  - name: X_ROBOTS_TAG
+                    value: noindex
+                  probes:
+                  - type: liveness
+                    httpGet:
+                      path: "/dd822309-ae33-4e29-addf-869b07453a06"
+                      port: 80
+                    initialDelaySeconds: 5
+                    periodSeconds: 3
+                - image: acreccuksdev.azurecr.io/portal-drupal-fpm$tag
+                  name: drupal
+                  resources:
+                    cpu: 0.75
+                    memory: 1.5Gi
+                  volumeMounts:
+                  - mountPath: /drupal/web/sites/default/files
+                    volumeName: filesharevol
+                  - mountPath: /drupal/data/default/private
+                    volumeName: privsharevol
+                  env:
+                  - name: MYSQL_HOST
+                    value: mariadb-ecc-uks-dev.mariadb.database.azure.com
+                  - name: MYSQL_USER
+                    value: mariadb-root
+                  - name: MYSQL_DATABASE
+                    value: drupal_ci_${ENV_SLUG}
+                  - name: MYSQL_PASSWORD
+                    secretRef: mysql-password
+                  - name: OPENID_CONNECT_PARAMS
+                    secretRef: openid-connect-params
+                  probes:
+                  - type: liveness
+                    tcpSocket:
+                      port: 9000
+                    initialDelaySeconds: 5
+                    periodSeconds: 3
+          EOF
+          az containerapp revision copy --name portal --resource-group rg-ecc-portal-uks-dev --yaml revision.yml --subscription "Essex County Council (Portal)" | tee revision.json 
+          az containerapp revision label add --no-prompt --resource-group rg-ecc-portal-uks-dev --name portal --label ${ENV_SLUG} --revision portal--gh${GITHUB_RUN_ID} --subscription "Essex County Council (Portal)"
+          echo "env_slug=${ENV_SLUG}" >> "$GITHUB_OUTPUT"
+
+      - name: Find Comment
+        uses: peter-evans/find-comment@v3
+        id: fc
+        with:
+          issue-number: ${{ github.event.pull_request.number }}
+          comment-author: 'github-actions[bot]'
+          body-includes: Review application
+
+      - name: Create or update comment
+        uses: peter-evans/create-or-update-comment@v4
+        with:
+          comment-id: ${{ steps.fc.outputs.comment-id }}
+          issue-number: ${{ github.event.pull_request.number }}
+          body: |
+            Review application
+            https://portal---${{ steps.deploy.outputs.env_slug }}.livelyforest-609fad32.uksouth.azurecontainerapps.io/
+          edit-mode: replace

.gitlab-ci.yml

@@ -41,9 +41,9 @@ build-and-push-images:
     - docker build -t ${DOCKER_REGISTRY}/portal-drupal-fpm -t ${DOCKER_REGISTRY}/portal-drupal-fpm${tag} -t portal-drupal-fpm -f Dockerfile-drupal .
     - docker build -t ${DOCKER_REGISTRY}/portal-nginx-drupal -t ${DOCKER_REGISTRY}/portal-nginx-drupal${tag} -t portal-nginx-drupal -f Dockerfile-nginx .
     - docker build -t ${DOCKER_REGISTRY}/portal-nginx-redirect -t ${DOCKER_REGISTRY}/portal-nginx-redirect${tag} -t portal-nginx-redirect -f Dockerfile-nginx-redirect .
-    - docker push ${DOCKER_REGISTRY}/portal-nginx-drupal
-    - docker push ${DOCKER_REGISTRY}/portal-drupal-fpm
-    - docker push ${DOCKER_REGISTRY}/portal-nginx-redirect
+    - docker push ${DOCKER_REGISTRY}/portal-nginx-drupal${tag}
+    - docker push ${DOCKER_REGISTRY}/portal-drupal-fpm${tag}
+    - docker push ${DOCKER_REGISTRY}/portal-nginx-redirect${tag}
 
 generate-sbom:
   stage: build
@@ -122,7 +122,7 @@ deploy-to-dev:
           revisionSuffix: ${CI_PIPELINE_ID}
           scale:
             minReplicas: 0
-            maxReplicas: 2
+            maxReplicas: 1
             rules:
               - name: "http-rule"
                 http:
@@ -175,10 +175,11 @@ deploy-to-dev:
                 initialDelaySeconds: 5
                 periodSeconds: 3
       EOF
-    - az containerapp revision copy --name portal --resource-group rg-ecc-portal-uks-dev --yaml revision.yml --subscription "Essex County Council (Portal)"
+    - az containerapp revision copy --name portal --resource-group rg-ecc-portal-uks-dev --yaml revision.yml --subscription "Essex County Council (Portal)" | tee revision.json 
   rules:
     - if: '$CI_COMMIT_BRANCH == "develop"'
-    - when: manual
+    - if: '$CI_PIPELINE_SOURCE != "external_pull_request_event"'
+      when: manual
 
 drush-deploy-dev:
   image: mcr.microsoft.com/azure-cli
@@ -193,7 +194,8 @@ drush-deploy-dev:
     - timeout 1200 socat EXEC:'az containerapp exec --command /drupal/deploy.sh --name portal --container drupal --resource-group rg-ecc-portal-uks-dev',pty,setsid,ctty STDIO,ignoreeof
   rules:
     - if: '$CI_COMMIT_BRANCH == "develop"'
-    - when: manual
+    - if: '$CI_PIPELINE_SOURCE != "external_pull_request_event"'
+      when: manual
 
 deploy-to-preprod:
   image: mcr.microsoft.com/azure-cli
@@ -287,7 +289,8 @@ deploy-to-preprod:
     - echo "Creating new revision of Container App"
     - az containerapp revision copy --name portal --resource-group rg-ecc-portal-uks-pre --yaml revision.yml --subscription "Essex County Council (Portal)"
   rules:
-    - when: manual
+    - if: '$CI_PIPELINE_SOURCE != "external_pull_request_event"'
+      when: manual
 
 drush-deploy-preprod:
   image: mcr.microsoft.com/azure-cli
@@ -301,7 +304,8 @@ drush-deploy-preprod:
   script:
     - timeout 1200 socat EXEC:'az containerapp exec --command /drupal/deploy.sh --name portal --container drupal --resource-group rg-ecc-portal-uks-pre',pty,setsid,ctty STDIO,ignoreeof
   rules:
-    - when: manual
+    - if: '$CI_PIPELINE_SOURCE != "external_pull_request_event"'
+      when: manual
 
 deploy-to-prod:
   image: mcr.microsoft.com/azure-cli

trigger

@@ -0,0 +1 @@
+b