From 475bd0c1b466b897146e4c838ab8dbad79763209 Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Mon, 30 Sep 2024 11:26:27 -0600 Subject: [PATCH 1/7] fix yaml --- .github/workflows/deploy.yml | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 8cf33babc..95f18d638 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -74,23 +74,7 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - push_arguments: >- - --vars-file deploy-config/staging.yml - --var DANGEROUS_SALT="$DANGEROUS_SALT" - --var SECRET_KEY="$SECRET_KEY" - --var ADMIN_CLIENT_USERNAME="notify-admin" - --var ADMIN_CLIENT_SECRET="$ADMIN_CLIENT_SECRET" - --var NEW_RELIC_LICENSE_KEY="$NEW_RELIC_LICENSE_KEY" - --var NR_BROWSER_KEY="$NR_BROWSER_KEY" - --var COMMIT_HASH="$COMMIT_HASH" - --var LOGIN_PEM="$LOGIN_PEM" - --var LOGIN_DOT_GOV_CLIENT_ID="$LOGIN_DOT_GOV_CLIENT_ID" - --var LOGIN_DOT_GOV_USER_INFO_URL="$LOGIN_DOT_GOV_USER_INFO_URL" - --var LOGIN_DOT_GOV_ACCESS_TOKEN_URL="$LOGIN_DOT_GOV_ACCESS_TOKEN_URL" - --var LOGIN_DOT_GOV_LOGOUT_URL="$LOGIN_DOT_GOV_LOGOUT_URL" - --var LOGIN_DOT_GOV_BASE_LOGOUT_URL="$LOGIN_DOT_GOV_BASE_LOGOUT_URL" - --var LOGIN_DOT_GOV_SIGNOUT_REDIRECT="$LOGIN_DOT_GOV_SIGNOUT_REDIRECT" - --var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL" + cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ DANGEROUS_SALT }} --var var-name=${{ SECRET_KEY }} --var var-name=${{ ADMIN_CLIENT_USERNAME=notify-admin }} --var var-name=${{ ADMIN_CLIENT_SECRET }} --var var-name=${{ NEW_RELIC_LICENSE_KEY }} --var var-name=${{ NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" - name: Check for changes to egress config From 8b9293db0e15f034cd737418d9b89141032d4ee9 Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Mon, 30 Sep 2024 13:42:48 -0600 Subject: [PATCH 2/7] Fix cf_command syntax --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 95f18d638..5f5d2e26d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -74,7 +74,7 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ DANGEROUS_SALT }} --var var-name=${{ SECRET_KEY }} --var var-name=${{ ADMIN_CLIENT_USERNAME=notify-admin }} --var var-name=${{ ADMIN_CLIENT_SECRET }} --var var-name=${{ NEW_RELIC_LICENSE_KEY }} --var var-name=${{ NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" + cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=$DANGEROUS_SALT --var var-name=$SECRET_KEY --var var-name=$ADMIN_CLIENT_USERNAME=notify-admin --var var-name=$ADMIN_CLIENT_SECRET --var var-name=$NEW_RELIC_LICENSE_KEY --var var-name=$NR_BROWSER_KEY --var var-name=$COMMIT_HASH --var var-name=$LOGIN_PEM --var var-name=$LOGIN_DOT_GOV_CLIENT_ID --var var-name=$LOGIN_DOT_GOV_USER_INFO_URL --var var-name=$LOGIN_DOT_GOV_ACCESS_TOKEN_URL --var var-name=$LOGIN_DOT_GOV_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_BASE_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_SIGNOUT_REDIRECT --var var-name=$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL --strategy rolling" - name: Check for changes to egress config From b7d699feae0714dccdbeb55f46c648ce924d5eaf Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Mon, 30 Sep 2024 13:46:13 -0600 Subject: [PATCH 3/7] Move admin client username to env variable block --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 5f5d2e26d..0acfcd565 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -58,6 +58,7 @@ jobs: DANGEROUS_SALT: ${{ secrets.DANGEROUS_SALT }} SECRET_KEY: ${{ secrets.SECRET_KEY }} ADMIN_CLIENT_SECRET: ${{ secrets.ADMIN_CLIENT_SECRET }} + ADMIN_CLIENT_USERNAME: "notify-admin" NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }} NR_BROWSER_KEY: ${{ secrets.NR_BROWSER_KEY }} COMMIT_HASH: ${{ github.sha }} @@ -74,7 +75,7 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=$DANGEROUS_SALT --var var-name=$SECRET_KEY --var var-name=$ADMIN_CLIENT_USERNAME=notify-admin --var var-name=$ADMIN_CLIENT_SECRET --var var-name=$NEW_RELIC_LICENSE_KEY --var var-name=$NR_BROWSER_KEY --var var-name=$COMMIT_HASH --var var-name=$LOGIN_PEM --var var-name=$LOGIN_DOT_GOV_CLIENT_ID --var var-name=$LOGIN_DOT_GOV_USER_INFO_URL --var var-name=$LOGIN_DOT_GOV_ACCESS_TOKEN_URL --var var-name=$LOGIN_DOT_GOV_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_BASE_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_SIGNOUT_REDIRECT --var var-name=$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL --strategy rolling" + cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=$DANGEROUS_SALT --var var-name=$SECRET_KEY --var var-name=$ADMIN_CLIENT_USERNAME --var var-name=$ADMIN_CLIENT_SECRET --var var-name=$NEW_RELIC_LICENSE_KEY --var var-name=$NR_BROWSER_KEY --var var-name=$COMMIT_HASH --var var-name=$LOGIN_PEM --var var-name=$LOGIN_DOT_GOV_CLIENT_ID --var var-name=$LOGIN_DOT_GOV_USER_INFO_URL --var var-name=$LOGIN_DOT_GOV_ACCESS_TOKEN_URL --var var-name=$LOGIN_DOT_GOV_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_BASE_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_SIGNOUT_REDIRECT --var var-name=$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL --strategy rolling" - name: Check for changes to egress config From f578a520100efd2756dc68441e2e2aa9ce730f21 Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Mon, 30 Sep 2024 14:34:47 -0600 Subject: [PATCH 4/7] Retry syntax on cf command --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0acfcd565..6c18e40cc 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -75,7 +75,7 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=$DANGEROUS_SALT --var var-name=$SECRET_KEY --var var-name=$ADMIN_CLIENT_USERNAME --var var-name=$ADMIN_CLIENT_SECRET --var var-name=$NEW_RELIC_LICENSE_KEY --var var-name=$NR_BROWSER_KEY --var var-name=$COMMIT_HASH --var var-name=$LOGIN_PEM --var var-name=$LOGIN_DOT_GOV_CLIENT_ID --var var-name=$LOGIN_DOT_GOV_USER_INFO_URL --var var-name=$LOGIN_DOT_GOV_ACCESS_TOKEN_URL --var var-name=$LOGIN_DOT_GOV_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_BASE_LOGOUT_URL --var var-name=$LOGIN_DOT_GOV_SIGNOUT_REDIRECT --var var-name=$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL --strategy rolling" + cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ secrets.DANGEROUS_SALT }} --var var-name=${{ secrets.SECRET_KEY }} --var var-name=${{ ADMIN_CLIENT_USERNAME=admin-notify }} --var var-name=${{ secrets.ADMIN_CLIENT_SECRET }} --var var-name=${{ secrets.NEW_RELIC_LICENSE_KEY }} --var var-name=${{ secrets.NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ secrets.LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" - name: Check for changes to egress config From 6815493f4a6ae6d71c526063f108ea0b6916b282 Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Mon, 30 Sep 2024 14:49:28 -0600 Subject: [PATCH 5/7] Remove brackets from hardcoded var --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 6c18e40cc..2816344e7 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -75,7 +75,7 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ secrets.DANGEROUS_SALT }} --var var-name=${{ secrets.SECRET_KEY }} --var var-name=${{ ADMIN_CLIENT_USERNAME=admin-notify }} --var var-name=${{ secrets.ADMIN_CLIENT_SECRET }} --var var-name=${{ secrets.NEW_RELIC_LICENSE_KEY }} --var var-name=${{ secrets.NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ secrets.LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" + cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ secrets.DANGEROUS_SALT }} --var var-name=${{ secrets.SECRET_KEY }} --var ADMIN_CLIENT_USERNAME=admin-notify --var var-name=${{ secrets.ADMIN_CLIENT_SECRET }} --var var-name=${{ secrets.NEW_RELIC_LICENSE_KEY }} --var var-name=${{ secrets.NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ secrets.LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" - name: Check for changes to egress config From 64a01e70b7f0544e7d77557d4ef1d1be06eefc5b Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Wed, 2 Oct 2024 07:55:58 -0600 Subject: [PATCH 6/7] Wrap vars with quotes and indent --- .github/workflows/deploy.yml | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2816344e7..8c6656137 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -75,7 +75,33 @@ jobs: cf_password: ${{ secrets.CLOUDGOV_PASSWORD }} cf_org: gsa-tts-benefits-studio cf_space: notify-staging - cf_command: "push -f manifest.yml --vars-file deploy-config/staging.yml --var var-name=${{ secrets.DANGEROUS_SALT }} --var var-name=${{ secrets.SECRET_KEY }} --var ADMIN_CLIENT_USERNAME=admin-notify --var var-name=${{ secrets.ADMIN_CLIENT_SECRET }} --var var-name=${{ secrets.NEW_RELIC_LICENSE_KEY }} --var var-name=${{ secrets.NR_BROWSER_KEY }} --var var-name=${{ COMMIT_HASH }} --var var-name=${{ secrets.LOGIN_PEM }} --var var-name=${{ LOGIN_DOT_GOV_CLIENT_ID }} --var var-name=${{ LOGIN_DOT_GOV_USER_INFO_URL }} --var var-name=${{ LOGIN_DOT_GOV_ACCESS_TOKEN_URL }} --var var-name=${{ LOGIN_DOT_GOV_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_BASE_LOGOUT_URL }} --var var-name=${{ LOGIN_DOT_GOV_SIGNOUT_REDIRECT }} --var var-name=${{ LOGIN_DOT_GOV_INITIAL_SIGNIN_URL }} --strategy rolling" + cf_command: >- + + + + + + push -f manifest.yml + --vars-file deploy-config/staging.yml + --var DANGEROUS_SALT="$DANGEROUS_SALT" + --var SECRET_KEY="$SECRET_KEY" + --var ADMIN_CLIENT_SECRET="$ADMIN_CLIENT_SECRET" + --var ADMIN_CLIENT_USERNAME="$ADMIN_CLIENT_USERNAME" + --var NEW_RELIC_LICENSE_KEY="$NEW_RELIC_LICENSE_KEY" + --var NR_BROWSER_KEY="$NR_BROWSER_KEY" + --var COMMIT_HASH="$COMMIT_HASH" + --var NOTIFY_E2E_TEST_EMAIL="$NOTIFY_E2E_TEST_EMAIL" + --var NOTIFY_E2E_TEST_PASSWORD="$NOTIFY_E2E_TEST_PASSWORD" + --var LOGIN_DOT_GOV_REGISTRATION_URL="$LOGIN_DOT_GOV_REGISTRATION_URL" + --var LOGIN_DOT_GOV_CLIENT_ID="$LOGIN_DOT_GOV_CLIENT_ID" + --var LOGIN_DOT_GOV_USER_INFO_URL="$LOGIN_DOT_GOV_USER_INFO_URL" + --var LOGIN_DOT_GOV_ACCESS_TOKEN_URL="$LOGIN_DOT_GOV_ACCESS_TOKEN_URL" + --var LOGIN_DOT_GOV_LOGOUT_URL="$LOGIN_DOT_GOV_LOGOUT_URL" + --var LOGIN_DOT_GOV_BASE_LOGOUT_URL="$LOGIN_DOT_GOV_BASE_LOGOUT_URL" + --VAR LOGIN_DOT_GOV_SIGNOUT_REDIRECT="$LOGIN_DOT_GOV_SIGNOUT_REDIRECT" + --var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL" + --var LOGIN_PEM="$LOGIN_PEM" + --strategy rolling - name: Check for changes to egress config From 4e2630d6757913b3066be24433fe679fc86d28e9 Mon Sep 17 00:00:00 2001 From: Andrew Shumway Date: Wed, 2 Oct 2024 08:18:47 -0600 Subject: [PATCH 7/7] Remove whitespace/fix caps on var --- .github/workflows/deploy.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 754b0b228..19521354b 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -77,8 +77,6 @@ jobs: cf_org: gsa-tts-benefits-studio cf_space: notify-staging cf_command: >- - - push -f manifest.yml --vars-file deploy-config/staging.yml --var DANGEROUS_SALT="$DANGEROUS_SALT" @@ -96,14 +94,13 @@ jobs: --var LOGIN_DOT_GOV_ACCESS_TOKEN_URL="$LOGIN_DOT_GOV_ACCESS_TOKEN_URL" --var LOGIN_DOT_GOV_LOGOUT_URL="$LOGIN_DOT_GOV_LOGOUT_URL" --var LOGIN_DOT_GOV_BASE_LOGOUT_URL="$LOGIN_DOT_GOV_BASE_LOGOUT_URL" - --VAR LOGIN_DOT_GOV_SIGNOUT_REDIRECT="$LOGIN_DOT_GOV_SIGNOUT_REDIRECT" + --var LOGIN_DOT_GOV_SIGNOUT_REDIRECT="$LOGIN_DOT_GOV_SIGNOUT_REDIRECT" --var LOGIN_DOT_GOV_INITIAL_SIGNIN_URL="$LOGIN_DOT_GOV_INITIAL_SIGNIN_URL" --var LOGIN_DOT_GOV_CERTS_URL="$LOGIN_DOT_GOV_CERTS_URL" --var LOGIN_PEM="$LOGIN_PEM" --strategy rolling - - name: Check for changes to egress config id: changed-egress-config uses: tj-actions/changed-files@v44