From 8461537bd465d8784afb7cb7a626e7b5585d2c9d Mon Sep 17 00:00:00 2001 From: RandithaK Date: Sat, 15 Nov 2025 03:28:03 +0530 Subject: [PATCH 1/3] chore: migrate to GitOps workflow with ArgoCD - Update build.yaml with branch-aware image tagging (branch-sha format) - Add update-manifest.yaml to update k8s-config manifests - Backup old deploy.yaml (no longer needed with GitOps) Refs: - k8s-config/argocd/GITOPS_CI_CD_WORKFLOW.md - k8s-config/argocd/SERVICE_MIGRATION_GUIDE.md --- .github/workflows/build.yaml | 73 +++++++++++++++++---- .github/workflows/deploy.yaml.old | 58 +++++++++++++++++ .github/workflows/update-manifest.yaml | 88 ++++++++++++++++++++++++++ 3 files changed, 206 insertions(+), 13 deletions(-) create mode 100644 .github/workflows/deploy.yaml.old create mode 100644 .github/workflows/update-manifest.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 16d7cf7..0ed1902 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,29 +1,33 @@ +# Updated build.yaml template for microservices +# This replaces the old build.yaml to add branch-aware image tagging + name: Build and Package Service + on: push: branches: - 'main' - - 'devOps' - 'dev' pull_request: branches: - 'main' - - 'devOps' - 'dev' permissions: contents: read - packages: write + packages: write jobs: + # JOB 1: Build and test (runs on all pushes and PRs) build-test: - name: Install and Build (Tests Skipped) + name: Build and Test runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 + # For Java/Spring Boot services: - name: Set up JDK 17 uses: actions/setup-java@v4 with: 
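Review bot: The job is renamed to `Build and Test` in this hunk, but the Maven step in the next hunk still runs `mvn -B clean package -DskipTests`, so the name promises a check that never runs. Because `build-and-push-docker` gates on this job through `needs: build-test`, a green run shows only that the code compiles and packages. Either drop the flag, `run: mvn -B clean package --file project-service/pom.xml`, or keep a name that says tests are skipped. The same flag is carried into the single-job workflow in PATCH 3/3. The job's steps continue past the end of this hunk.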
@@ -39,39 +43,68 @@ jobs: restore-keys: | ${{ runner.os }}-maven- - - name: Build with Maven (Skip Tests) + - name: Build with Maven run: mvn -B clean package -DskipTests --file project-service/pom.xml - - name: Upload Build Artifact (JAR) + - name: Upload Build Artifact uses: actions/upload-artifact@v4 with: - name: project-service-jar + name: service-jar path: project-service/target/*.jar + # For Node.js/Next.js services (Frontend): + # - name: Use Node.js and cache npm + # uses: actions/setup-node@v4 + # with: + # node-version: '22' + # cache: 'npm' + # + # - name: Install dependencies + # run: npm ci + # + # - name: Run linter + # run: npm run lint + # + # - name: Build + # run: npm run build + + # JOB 2: Package as Docker image (only on pushes to main/dev, not PRs) build-and-push-docker: name: Build & Push Docker Image - if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/devOps' || github.ref == 'refs/heads/dev' + needs: build-test + if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev') runs-on: ubuntu-latest - needs: build-test - + steps: - name: Checkout code uses: actions/checkout@v4 + # For Java services: download JAR from previous job - name: Download JAR Artifact uses: actions/download-artifact@v4 with: - name: project-service-jar + name: service-jar path: project-service/target/ - - name: Docker meta + - name: Extract branch name + id: branch + run: | + BRANCH_NAME=${GITHUB_REF#refs/heads/} + echo "name=${BRANCH_NAME}" >> $GITHUB_OUTPUT + echo "📍 Building for branch: ${BRANCH_NAME}" + + - name: Docker meta (with branch-aware tags) id: meta uses: docker/metadata-action@v5 with: images: ghcr.io/techtorque-2025/project_service tags: | - type=sha,prefix= + # Branch + short SHA (e.g., dev-abc1234 or main-xyz5678) + type=raw,value=${{ steps.branch.outputs.name }}-{{sha}},enable=true + # Latest tag only for main branch type=raw,value=latest,enable={{is_default_branch}} + flavor: | + latest=false - 
name: Log in to GHCR uses: docker/login-action@v3 @@ -87,3 +120,17 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + + - name: Image Summary + run: | + echo "### 🐳 Docker Image Built" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "**Tags pushed:**" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + +# REPLACEMENTS NEEDED: +# - project-service: e.g., "auth-service", "time-logging-service" (for Java services) +# - project_service: e.g., "authentication", "timelogging_service", "frontend_web" +# - Uncomment Node.js steps for Frontend_Web diff --git a/.github/workflows/deploy.yaml.old b/.github/workflows/deploy.yaml.old new file mode 100644 index 0000000..b8a0866 --- /dev/null +++ b/.github/workflows/deploy.yaml.old 
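Review bot: The `Extract branch name` step writes a value derived from `GITHUB_REF` to an unquoted `$GITHUB_OUTPUT`, and it exists only to feed the tag line, which metadata-action can produce on its own with `type=sha,prefix={{branch}}-`. Dropping the step removes one place where the `branch-sha` format is hand-built. update-manifest.yaml rebuilds the same tag separately with `cut -c1-7`, so the two workflows agree only by convention, and a change to the short-SHA length on either side would point the manifest at a tag that was never pushed. If the step is kept, quote the redirect target, `>> "$GITHUB_OUTPUT"`. The `build-and-push-docker` job continues into the next hunk.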
@@ -0,0 +1,58 @@ +name: Deploy Project Service to Kubernetes + +on: + workflow_run: + workflows: ["Build and Package Service"] + types: + - completed + branches: + - 'main' + - 'devOps' + +jobs: + deploy: + name: Deploy Project Service to Kubernetes + if: ${{ github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-latest + + steps: + - name: Get Commit SHA + id: get_sha + run: | + echo "sha=$(echo ${{ github.event.workflow_run.head_sha }} | cut -c1-7)" >> $GITHUB_OUTPUT + + - name: Checkout K8s Config Repo + uses: actions/checkout@v4 + with: + repository: 'TechTorque-2025/k8s-config' + token: ${{ secrets.REPO_ACCESS_TOKEN }} + path: 'config-repo' + ref: 'main' + + - name: Install kubectl + uses: azure/setup-kubectl@v3 + + - name: Install yq + run: | + sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq + sudo chmod +x /usr/bin/yq + + - name: Set Kubernetes context + uses: azure/k8s-set-context@v4 + with: + kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }} + + - name: Update image tag in YAML + run: | + yq -i '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = "ghcr.io/techtorque-2025/project_service:${{ steps.get_sha.outputs.sha }}"' config-repo/k8s/services/project-deployment.yaml + + - name: Display file contents before apply + run: | + echo "--- Displaying k8s/services/project-deployment.yaml ---" + cat config-repo/k8s/services/project-deployment.yaml + echo "---------------------------------------------------------" + + - name: Deploy to Kubernetes + run: | + kubectl apply -f config-repo/k8s/services/project-deployment.yaml + kubectl rollout status deployment/project-deployment diff --git a/.github/workflows/update-manifest.yaml b/.github/workflows/update-manifest.yaml new file mode 100644 index 0000000..75fd778 --- /dev/null +++ b/.github/workflows/update-manifest.yaml 
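Review bot: This patch adds the old deploy workflow under a `.old` name but, going by the diffstat, does not remove `.github/workflows/deploy.yaml` itself. Until PATCH 3/3 deletes it, a successful build on `main` would trigger both the direct `kubectl apply` path and the new update-manifest.yaml path. Deleting `deploy.yaml` in the same commit that introduces its replacement avoids that overlap, and git history already serves as the backup, so the `.old` copy is not needed in the tree. Once the ArgoCD flow is live, CI no longer needs cluster access, so the `KUBE_CONFIG_DATA` secret this file references is worth removing from the repository settings and rotating.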
@@ -0,0 +1,88 @@ +# GitHub Actions Workflow Template for GitOps with ArgoCD +# This workflow should replace the old deploy.yaml in each microservice repo + +name: Update K8s Manifest + +on: + workflow_run: + workflows: ["Build and Package Service"] # Or "Build, Test, and Package Frontend" for Frontend_Web + types: [completed] + branches: ['main', 'dev'] + +jobs: + update-manifest: + name: Update Image Tag in k8s-config + if: ${{ github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-latest + + steps: + - name: Get branch and SHA info + id: info + run: | + BRANCH="${{ github.event.workflow_run.head_branch }}" + SHORT_SHA="$(echo ${{ github.event.workflow_run.head_sha }} | cut -c1-7)" + echo "branch=${BRANCH}" >> $GITHUB_OUTPUT + echo "sha=${SHORT_SHA}" >> $GITHUB_OUTPUT + echo "📍 Branch: ${BRANCH}, SHA: ${SHORT_SHA}" + + - name: Checkout k8s-config repo (matching branch) + uses: actions/checkout@v4 + with: + repository: 'TechTorque-2025/k8s-config' + token: ${{ secrets.REPO_ACCESS_TOKEN }} + ref: ${{ steps.info.outputs.branch }} # Checkout dev or main to match microservice branch + path: 'k8s-config' + + - name: Install yq (YAML processor) + run: | + sudo wget -qO /usr/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 + sudo chmod +x /usr/bin/yq + + - name: Update image tag in deployment manifest + env: + SERVICE_NAME: "project_service" # e.g., "timelogging_service", "frontend_web", "authentication" + DEPLOYMENT_FILE: "project-deployment.yaml" # e.g., "timelogging-deployment.yaml", "frontend-deployment.yaml" + run: | + cd k8s-config + NEW_IMAGE="ghcr.io/techtorque-2025/${SERVICE_NAME}:${{ steps.info.outputs.branch }}-${{ steps.info.outputs.sha }}" + + echo "🔄 Updating ${DEPLOYMENT_FILE} to use image: ${NEW_IMAGE}" + + yq eval -i \ + '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = env(NEW_IMAGE)' \ + k8s/services/${DEPLOYMENT_FILE} + + echo "✅ Updated manifest:" + yq eval 'select(.kind == 
"Deployment") | .spec.template.spec.containers[0].image' k8s/services/${DEPLOYMENT_FILE} + + - name: Commit and push changes + env: + SERVICE_NAME: "project_service" + run: | + cd k8s-config + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + git add k8s/services/ + + if git diff --cached --quiet; then + echo "⚠️ No changes detected, skipping commit" + exit 0 + fi + + git commit -m "chore(${SERVICE_NAME}): update image to ${{ steps.info.outputs.branch }}-${{ steps.info.outputs.sha }}" \ + -m "Triggered by: ${{ github.event.workflow_run.html_url }}" + + git push origin ${{ steps.info.outputs.branch }} + + echo "✅ Pushed manifest update to k8s-config/${{ steps.info.outputs.branch }}" + echo "🚀 ArgoCD will automatically deploy this change" + + - name: Summary + run: | + echo "### 🎉 Manifest Update Complete" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "- **Branch**: ${{ steps.info.outputs.branch }}" >> $GITHUB_STEP_SUMMARY + echo "- **Image Tag**: ${{ steps.info.outputs.branch }}-${{ steps.info.outputs.sha }}" >> $GITHUB_STEP_SUMMARY + echo "- **Manifest Updated**: k8s/services/project-deployment.yaml" >> $GITHUB_STEP_SUMMARY + echo "- **Next Step**: ArgoCD will sync this change to the cluster" >> $GITHUB_STEP_SUMMARY From a37cef02469b154e077d9d0b4b84a6ec70f6bd07 Mon Sep 17 00:00:00 2001 From: RandithaK Date: Sat, 15 Nov 2025 04:33:22 +0530 Subject: [PATCH 2/3] fix: use export for NEW_IMAGE variable in yq command (fixes --arg incompatibility) --- .github/workflows/update-manifest.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-manifest.yaml b/.github/workflows/update-manifest.yaml index 75fd778..41a7d7c 100644 --- a/.github/workflows/update-manifest.yaml +++ b/.github/workflows/update-manifest.yaml 
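Review bot: The `Install yq` step downloads whatever `releases/latest` points to and installs it to `/usr/bin` with `sudo`, with no version pin or checksum, in a job that then uses `REPO_ACCESS_TOKEN` to push to k8s-config; a changed or tampered release asset would run with that token in reach. Pin a release and verify its SHA-256 before installing, as in the step below (version and hash are placeholders to fill in from the yq release page). Separately, the job's `if:` checks only `conclusion == 'success'`, while build.yaml in this patch also runs on `pull_request`; adding `&& github.event.workflow_run.event == 'push'` keeps pull-request builds, which push no image, from rewriting the manifest. Passing `head_branch` and `head_sha` through `env:` instead of expanding `${{ }}` inside the script would also keep event data out of the shell source.

```yaml
      - name: Install yq (YAML processor)
        env:
          YQ_VERSION: "<PINNED_YQ_VERSION>"   # placeholder: the release tag you have reviewed
          YQ_SHA256: "<EXPECTED_SHA256>"      # placeholder: taken from that release's checksums
        run: |
          wget -qO /tmp/yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64"
          echo "${YQ_SHA256}  /tmp/yq" | sha256sum --check --strict
          sudo install -m 0755 /tmp/yq /usr/bin/yq
      # … unchanged: manifest update, commit and push, summary …
```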
@@ -45,13 +45,14 @@ jobs: run: | cd k8s-config NEW_IMAGE="ghcr.io/techtorque-2025/${SERVICE_NAME}:${{ steps.info.outputs.branch }}-${{ steps.info.outputs.sha }}" - + export NEW_IMAGE + echo "🔄 Updating ${DEPLOYMENT_FILE} to use image: ${NEW_IMAGE}" - + yq eval -i \ '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = env(NEW_IMAGE)' \ k8s/services/${DEPLOYMENT_FILE} - + echo "✅ Updated manifest:" yq eval 'select(.kind == "Deployment") | .spec.template.spec.containers[0].image' k8s/services/${DEPLOYMENT_FILE} From 280c1332bd4416ded2bd76d12d61d5cc71c63644 Mon Sep 17 00:00:00 2001 From: RandithaK Date: Sat, 15 Nov 2025 12:47:33 +0530 Subject: [PATCH 3/3] chore: commit workspace changes for gitops flow --- .../{buildtest.yaml => build-test.yaml} | 0 .github/workflows/build.yaml | 64 ++----------------- .github/workflows/deploy.yaml | 58 ----------------- .github/workflows/update-manifest.yaml | 2 +- 4 files changed, 5 insertions(+), 119 deletions(-) rename .github/workflows/{buildtest.yaml => build-test.yaml} (100%) delete mode 100644 .github/workflows/deploy.yaml diff --git a/.github/workflows/buildtest.yaml b/.github/workflows/build-test.yaml similarity index 100% rename from .github/workflows/buildtest.yaml rename to .github/workflows/build-test.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 0ed1902..a0aaa63 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml 
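Review bot: The read-back at the end of this step only prints the image field, so if `select(.kind == "Deployment")` matches nothing in the manifest, the file is left unchanged and the step still passes; the later commit step then exits 0 on "no changes" (behaviour inferred from the visible commands). Comparing the read-back with the variable turns that into a failure, for example `[ "$(yq eval '<same select expression>' "k8s/services/${DEPLOYMENT_FILE}")" = "${NEW_IMAGE}" ]`. The assignment and export can also be a single `export NEW_IMAGE="..."` line. The step's header and `env:` block are outside this hunk.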
@@ -1,33 +1,24 @@ -# Updated build.yaml template for microservices -# This replaces the old build.yaml to add branch-aware image tagging - -name: Build and Package Service +name: Build and Push Docker Image on: push: branches: - 'main' - 'dev' - pull_request: - branches: - - 'main' - - 'dev' permissions: contents: read packages: write jobs: - # JOB 1: Build and test (runs on all pushes and PRs) - build-test: - name: Build and Test + build-and-push: + name: Build & Push Docker Image runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - # For Java/Spring Boot services: - name: Set up JDK 17 uses: actions/setup-java@v4 with: @@ -46,46 +37,6 @@ jobs: - name: Build with Maven run: mvn -B clean package -DskipTests --file project-service/pom.xml - - name: Upload Build Artifact - uses: actions/upload-artifact@v4 - with: - name: service-jar - path: project-service/target/*.jar - - # For Node.js/Next.js services (Frontend): - # - name: Use Node.js and cache npm - # uses: actions/setup-node@v4 - # with: - # node-version: '22' - # cache: 'npm' - # - # - name: Install dependencies - # run: npm ci - # - # - name: Run linter - # run: npm run lint - # - # - name: Build - # run: npm run build - - # JOB 2: Package as Docker image (only on pushes to main/dev, not PRs) - build-and-push-docker: - name: Build & Push Docker Image - needs: build-test - if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev') - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - # For Java services: download JAR from previous job - - name: Download JAR Artifact - uses: actions/download-artifact@v4 - with: - name: service-jar - path: project-service/target/ - - name: Extract branch name id: branch run: | 
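Review bot: The merged `build-and-push` job runs the Maven build in the same job that carries the workflow-level `packages: write` grant, and `actions/checkout@v4` keeps the job token in the local git config by default, so build-time code such as plugins and dependencies can read it. Nothing visible in this job pushes with git, so the checkout step can set `persist-credentials: false` under `with:`. Scoping `permissions:` to the job and referencing the actions by full commit SHA instead of `@v4` would narrow this further. The job's remaining steps (metadata, GHCR login, build and push) lie outside these two hunks.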
@@ -99,9 +50,7 @@ jobs: with: images: ghcr.io/techtorque-2025/project_service tags: | - # Branch + short SHA (e.g., dev-abc1234 or main-xyz5678) type=raw,value=${{ steps.branch.outputs.name }}-{{sha}},enable=true - # Latest tag only for main branch type=raw,value=latest,enable={{is_default_branch}} flavor: | latest=false @@ -120,7 +69,7 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - + - name: Image Summary run: | echo "### 🐳 Docker Image Built" >> $GITHUB_STEP_SUMMARY @@ -129,8 +78,3 @@ jobs: echo '```' >> $GITHUB_STEP_SUMMARY echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY - -# REPLACEMENTS NEEDED: -# - project-service: e.g., "auth-service", "time-logging-service" (for Java services) -# - project_service: e.g., "authentication", "timelogging_service", "frontend_web" -# - Uncomment Node.js steps for Frontend_Web diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml deleted file mode 100644 index b8a0866..0000000 --- a/.github/workflows/deploy.yaml +++ /dev/null 
@@ -1,58 +0,0 @@ -name: Deploy Project Service to Kubernetes - -on: - workflow_run: - workflows: ["Build and Package Service"] - types: - - completed - branches: - - 'main' - - 'devOps' - -jobs: - deploy: - name: Deploy Project Service to Kubernetes - if: ${{ github.event.workflow_run.conclusion == 'success' }} - runs-on: ubuntu-latest - - steps: - - name: Get Commit SHA - id: get_sha - run: | - echo "sha=$(echo ${{ github.event.workflow_run.head_sha }} | cut -c1-7)" >> $GITHUB_OUTPUT - - - name: Checkout K8s Config Repo - uses: actions/checkout@v4 - with: - repository: 'TechTorque-2025/k8s-config' - token: ${{ secrets.REPO_ACCESS_TOKEN }} - path: 'config-repo' - ref: 'main' - - - name: Install kubectl - uses: azure/setup-kubectl@v3 - - - name: Install yq - run: | - sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq - sudo chmod +x /usr/bin/yq - - - name: Set Kubernetes context - uses: azure/k8s-set-context@v4 - with: - kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }} - - - name: Update image tag in YAML - run: | - yq -i '(select(.kind == "Deployment") | .spec.template.spec.containers[0].image) = "ghcr.io/techtorque-2025/project_service:${{ steps.get_sha.outputs.sha }}"' config-repo/k8s/services/project-deployment.yaml - - - name: Display file contents before apply - run: | - echo "--- Displaying k8s/services/project-deployment.yaml ---" - cat config-repo/k8s/services/project-deployment.yaml - echo "---------------------------------------------------------" - - - name: Deploy to Kubernetes - run: | - kubectl apply -f config-repo/k8s/services/project-deployment.yaml - kubectl rollout status deployment/project-deployment diff --git a/.github/workflows/update-manifest.yaml b/.github/workflows/update-manifest.yaml index 41a7d7c..1e75d62 100644 --- a/.github/workflows/update-manifest.yaml +++ b/.github/workflows/update-manifest.yaml 
@@ -5,7 +5,7 @@ name: Update K8s Manifest on: workflow_run: - workflows: ["Build and Package Service"] # Or "Build, Test, and Package Frontend" for Frontend_Web + workflows: ["Build and Push Docker Image"] # Or "Build, Test, and Package Frontend" for Frontend_Web types: [completed] branches: ['main', 'dev']