-
Notifications
You must be signed in to change notification settings - Fork 11
API Deployment
Daniel Truong edited this page Feb 28, 2026
·
4 revisions
✅ Status: As of February 2026, eagle-api has been fully migrated to Helm-based deployments in all environments (dev, test, prod).
For current deployment procedures, see:
- Deployment Pipeline - Current CI/CD workflows
- Helm Charts - Helm configuration and management
Production Migration Completed: February 28, 2026
- Migrated from DeploymentConfig to Helm-managed Deployment
- Zero-downtime deployment with PodDisruptionBudget and rolling updates
- Database (eagle-api-mongodb) remains on legacy DeploymentConfig (not touched)
- All routing flows through rproxy Helm deployment
- Latest Deployment: v2.1.1 deployed successfully to all environments (Feb 28, 2026)
| Resource | Type | Status | Management |
|---|---|---|---|
| eagle-api | Deployment | ✅ Active | Helm |
| eagle-api-mongodb | DeploymentConfig | ✅ Active | Legacy (protected) |
| rproxy | Deployment | ✅ Active | Helm |
| eagle-admin | DeploymentConfig | ✅ Active | Legacy |
| eagle-public | DeploymentConfig | ✅ Active | Legacy |
Production URL: https://projects.eao.gov.bc.ca/api
The information below describes the legacy deployment approach used before the Helm migration. Retained for historical reference and troubleshooting older environments.
The platform operates across 4 OpenShift namespaces:
| Namespace | Purpose | Trigger | Image Tag |
|---|---|---|---|
| 6cdc9e-tools | Build configurations, ImageStreams, CI/CD | - | latest |
| 6cdc9e-dev | Development environment | Push to develop branch |
dev |
| 6cdc9e-test | QA/Testing environment | Manual workflow_dispatch | test |
| 6cdc9e-prod | Production environment | Manual workflow_dispatch | prod |
- Platform: OpenShift 4.14+ (Silver cluster)
-
Domain:
apps.silver.devops.gov.bc.ca -
Registry:
image-registry.openshift-image-registry.svc:5000 -
Routes:
- Dev:
https://eagle-dev.apps.silver.devops.gov.bc.ca/api - Test:
https://eagle-test.apps.silver.devops.gov.bc.ca/api - Prod:
https://eagle.gov.bc.ca/api
- Dev:
┌──────────────────────────────────────────────────────────────┐
│ GitHub Repository │
│ - Source code │
│ - Dockerfile │
│ - GitHub Actions workflows │
└──────────────────────────────────────────────────────────────┘
│
│ git push to develop
▼
┌──────────────────────────────────────────────────────────────┐
│ GitHub Actions (CI/CD) │
│ 1. Build Docker image │
│ 2. Tag: <sha>, dev, latest │
│ 3. Push to OpenShift registry │
│ 4. Deploy via oc rollout or image tag │
└──────────────────────────────────────────────────────────────┘
│
│ Image pushed
▼
┌──────────────────────────────────────────────────────────────┐
│ OpenShift Registry (6cdc9e-tools) │
│ - ImageStreams for all services │
│ - Tags: latest, dev, test, prod, <sha> │
└──────────────────────────────────────────────────────────────┘
│
│ ImageStream tag updated
▼
┌──────────────────────────────────────────────────────────────┐
│ OpenShift Deployment (6cdc9e-dev/test/prod) │
│ - DeploymentConfig watches ImageStream │
│ - Auto-triggers on ImageStream change │
│ - Rolling update strategy │
└──────────────────────────────────────────────────────────────┘
Trigger: Push to develop branch
File: .github/workflows/build_and_promote.yaml
on:
push:
branches:
- develop
workflow_dispatch:Process:
- Builds Docker image
- Tags image with commit SHA and
dev - Pushes to OpenShift image registry in
6cdc9e-tools - DeploymentConfig in
6cdc9e-devauto-triggers ondevtag update - Rolling update deploys new pods
URL: https://eagle-dev.apps.silver.devops.gov.bc.ca/api
Trigger: Manual via GitHub Actions UI
File: .github/workflows/deploy-to-test.yaml
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Image tag to deploy (default: dev)'
required: false
default: 'dev'Process:
- Go to Actions → "Deploy to Test" → "Run workflow"
- Enter image tag (default:
dev) or specific commit SHA - Workflow tags image as
testin OpenShift:oc tag 6cdc9e-tools/eagle-api:dev 6cdc9e-tools/eagle-api:test
- DeploymentConfig in
6cdc9e-testauto-triggers
URL: https://eagle-test.apps.silver.devops.gov.bc.ca/api
Trigger: Manual via GitHub Actions UI
File: .github/workflows/deploy-to-prod.yaml
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Image tag to deploy (default: test)'
required: false
default: 'test'Process:
- Go to Actions → "Deploy to Prod" → "Run workflow"
- Enter image tag (default:
test) or specific commit SHA - Workflow tags image as
prodin OpenShift:oc tag 6cdc9e-tools/eagle-api:test 6cdc9e-tools/eagle-api:prod
- DeploymentConfig in
6cdc9e-prodauto-triggers
URL: https://eagle.gov.bc.ca/api
# 1. Push to develop → auto-builds and tags as dev with SHA abc1234
git push origin develop
# Wait for GitHub Actions to complete (builds and deploys to dev)
# 2. Manually promote to test (via GitHub UI)
# - Go to: https://github.com/bcgov/eagle-api/actions
# - Select "Deploy to Test" workflow
# - Click "Run workflow"
# - Input: abc1234 (or leave default "dev")
# - Click "Run workflow" button
# Wait for test deployment to complete
# 3. Manually promote to production (via GitHub UI)
# - Go to: https://github.com/bcgov/eagle-api/actions
# - Select "Deploy to Prod" workflow
# - Click "Run workflow"
# - Input: abc1234 (or leave default "test")
# - Click "Run workflow" buttoneagle-api uses OpenShift image tagging for deployments:
# Dev build creates image with SHA in tools namespace
image-registry.openshift-image-registry.svc:5000/6cdc9e-tools/eagle-api:abc1234
image-registry.openshift-image-registry.svc:5000/6cdc9e-tools/eagle-api:dev
# Tag for test deployment
oc tag 6cdc9e-tools/eagle-api:dev 6cdc9e-tools/eagle-api:test
# Tag for prod deployment
oc tag 6cdc9e-tools/eagle-api:test 6cdc9e-tools/eagle-api:prod| Tag | Purpose | Mutable |
|---|---|---|
<sha> |
Specific commit (e.g., abc1234) |
❌ Immutable |
dev |
Latest dev deployment | ✅ Mutable |
test |
Latest test deployment | ✅ Mutable |
prod |
Latest prod deployment | ✅ Mutable |
latest |
Most recent build | ✅ Mutable |
eagle-api uses DeploymentConfig (OpenShift 3.x pattern, still in use):
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: eagle-api
namespace: 6cdc9e-dev
spec:
replicas: 2
selector:
app: eagle-api
strategy:
type: Rolling
rollingParams:
timeoutSeconds: 600
maxUnavailable: 1
maxSurge: 1
triggers:
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- eagle-api
from:
kind: ImageStreamTag
namespace: 6cdc9e-tools
name: 'eagle-api:dev'
template:
spec:
containers:
- name: eagle-api
image: ' ' # Updated by trigger
ports:
- containerPort: 3000
env:
- name: MONGODB_URI
valueFrom:
secretKeyRef:
name: eagle-api-secrets
key: MONGODB_URI
# ... other env varsKey Points:
-
triggers.imageChangeParams.automatic: trueenables auto-deployment -
from.name: 'eagle-api:dev'watches thedevtag in tools namespace - When
devtag is updated, DeploymentConfig triggers a rolling update
eagle-api requires environment variables for configuration:
| Variable | Description | Source |
|---|---|---|
MONGODB_URI |
MongoDB connection string | Secret |
KEYCLOAK_URL |
Keycloak SSO server URL | ConfigMap |
KEYCLOAK_REALM |
Keycloak realm name | ConfigMap |
KEYCLOAK_CLIENT_ID |
Keycloak client ID | ConfigMap |
KEYCLOAK_CLIENT_SECRET |
Keycloak client secret | Secret |
S3_ENDPOINT |
S3/Minio endpoint | ConfigMap |
S3_ACCESS_KEY |
S3 access key | Secret |
S3_SECRET_KEY |
S3 secret key | Secret |
ENVIRONMENT |
Environment name (dev/test/prod) | ConfigMap |
API_LOCATION |
Base API URL | ConfigMap |
ANALYTICS_API_URL |
Analytics service URL | ConfigMap |
Secrets (base64-encoded):
- Database credentials
- API keys
- Keycloak client secrets
ConfigMaps (plain text):
- Service URLs
- Feature flags
- Non-sensitive configuration
# Login to OpenShift
oc login --token=<token> --server=https://api.silver.devops.gov.bc.ca:6443
# Switch to target namespace
oc project 6cdc9e-test
# View deployment history
oc rollout history dc/eagle-api
# Rollback to previous version
oc rollout undo dc/eagle-api
# Rollback to specific revision
oc rollout undo dc/eagle-api --to-revision=5# Find the specific SHA you want to rollback to
oc describe is/eagle-api -n 6cdc9e-tools
# Retag that specific SHA as test
oc tag 6cdc9e-tools/eagle-api:abc1234 6cdc9e-tools/eagle-api:test
# DeploymentConfig will auto-trigger with the older imageeagle-api exposes health endpoints:
# Liveness probe
curl https://eagle-dev.apps.silver.devops.gov.bc.ca/api/health
# Readiness probe
curl https://eagle-dev.apps.silver.devops.gov.bc.ca/api/ready# View pod status
oc get pods -n 6cdc9e-dev -l app=eagle-api
# View logs
oc logs -f deployment/eagle-api -n 6cdc9e-dev
# View events
oc get events -n 6cdc9e-dev --sort-by='.lastTimestamp'See Troubleshooting for common issues and solutions.
- API Architecture - Platform architecture overview
- Configuration Management - Environment variables and config
- Rollback Procedures - Detailed rollback guide
- Troubleshooting - Common issues and solutions
Eagle Documentation
Operations
Architecture
Configuration
Help
Repositories
Environments