feat: new action to trigger preemptive failover (#162)

* feat: new action to trigger preemptive failover

* feat: change action name

* chore: disable gold disabling script

.github/helpers/url-setter.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+
+if [ "$#" -lt 2 ]; then
+    echo "Invalid number of parameters provided, expected 2"
+    exit 1
+fi
+project=$1
+env=$2
+
+if [ "$project" == "SANDBOX" ]; then
+    urlsuffix="sandbox.loginproxy.gov.bc.ca"
+elif [ "$project" == "PRODUCTION" ]; then
+    urlsuffix="loginproxy.gov.bc.ca"
+else
+    echo "Invalid project name, '$project', entered"
+    exit 1
+fi
+
+if [ "$env" == "dev" ] || [ "$env" == "test" ]; then
+    url="$env.$urlsuffix"
+elif [ "$env" == "prod" ]; then
+    url=$urlsuffix
+else
+    echo "Invalid project env, '$env', entered"
+    exit 1
+fi
+
+echo "KEYCLOAK_URL=$url" >> "$GITHUB_ENV"

.github/workflows/preemptive-failover.yml

@@ -0,0 +1,73 @@
+name: Preemeptive Failover
+
+on:
+  workflow_dispatch:
+    inputs:
+      project:
+        description: "The target project"
+        type: choice
+        required: true
+        options: ["SANDBOX"]
+        default: "SANDBOX"
+      environment:
+        description: "env to deploy"
+        type: choice
+        options: ["dev"]
+        default: "dev"
+
+jobs:
+  preemptive-switchover:
+    runs-on: ubuntu-22.04
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set the deployment namespace and url
+        run: |
+          chmod +x ./namespace-setter.sh
+          ./namespace-setter.sh ${{ github.event.inputs.project }} ${{ github.event.inputs.environment }}
+          chmod +x ./url-setter.sh
+          ./url-setter.sh ${{ github.event.inputs.project }} ${{ github.event.inputs.environment }}
+        working-directory: .github/helpers
+      - name: Login Openshift Gold & Golddr
+        uses: ./.github/actions/oc-login
+        with:
+          namespace: $NAMESPACE
+          oc-server-gold: ${{ secrets.OPENSHIFT_SERVER_GOLD }}
+          oc-token-gold: ${{ secrets.OPENSHIFT_TOKEN_GOLD }}
+          oc-server-golddr: ${{ secrets.OPENSHIFT_SERVER_GOLDDR }}
+          oc-token-golddr: ${{ secrets.OPENSHIFT_TOKEN_GOLDDR }}
+      - name: Confirm DNS pointing to Gold
+        run: |
+          echo "Confirming the $KEYCLOAK_URL url is now served from Gold"
+          chmod +x ./test-dns.sh
+          ./test-dns.sh $KEYCLOAK_URL gold
+        working-directory: transition-scripts/test-helpers
+
+      - name: Set DR To active
+        run: |
+          chmod +x ./switch-to-golddr.sh
+          ./switch-to-golddr.sh $NAMESPACE
+        working-directory: transition-scripts
+
+      - name: Wait for keycloak dr pods to be up
+        run: |
+          chmod +x ./wait-keycloak-dr-ready.sh
+          ./wait-keycloak-dr-ready.sh $NAMESPACE
+        working-directory: transition-scripts/helpers
+
+      - name: Confirm DR health check passes
+        run: echo "THIS STILL NEEDS TO BE CODED UP"
+
+      # DON'T MESS WITH GOLD CONFIGS UNTIL TESTING ACTION DONE
+      # - name: Disable Gold Route
+      #   run: |
+      #     chmod +x ./enable-disable-gold-route.sh
+      #     ./enable-disable-gold-route.sh $NAMESPACE disable
+      #   working-directory: transition-scripts
+
+      - name: Confirm DNS pointing to GoldDR
+        run: |
+          echo "Confirming the $KEYCLOAK_URL url is now served from GoldDR"
+          chmod +x ./test-dns.sh
+          ./test-dns.sh $KEYCLOAK_URL golddr
+        working-directory: transition-scripts/test-helpers

.github/workflows/test-failover-workflows.yml

@@ -83,7 +83,7 @@ jobs:
         run: |
           chmod +x ./wait-keycloak-dr-ready.sh
           ./wait-keycloak-dr-ready.sh $NAMESPACE
-        working-directory: transition-scripts/test-helpers
+        working-directory: transition-scripts/helpers
       - name: Confirm DNS still pointing to GoldDR
         run: |
           chmod +x ./test-dns.sh