Skip to content

pwnn-1676 rebuild #2081

pwnn-1676 rebuild

pwnn-1676 rebuild #2081

name: "CI/CD - Full Pipeline"
on:
pull_request:
push:
branches:
- main
- development
- production
jobs:
build_test:
name: Build (Test)
runs-on: ubuntu-20.04
outputs:
docker_image: ${{ steps.build.outputs.docker_image }}
if: ${{ github.ref != 'refs/heads/production' && github.ref != 'refs/heads/development' }}
steps:
- uses: actions/[email protected]
- uses: ./.github/workflows/actions/build-docker-image
name: Build docker image
id: build
with:
target: test
ghcr_username: ${{ secrets.GHCR_USERNAME }}
ghcr_password: ${{ secrets.GHCR_PASSWORD }}
build_release:
name: Build (Release)
runs-on: ubuntu-20.04
outputs:
docker_image: ${{ steps.build.outputs.docker_image }}
steps:
- uses: actions/[email protected]
- uses: ./.github/workflows/actions/build-docker-image
name: Build docker image
id: build
with:
target: app
ghcr_username: ${{ secrets.GHCR_USERNAME }}
ghcr_password: ${{ secrets.GHCR_PASSWORD }}
brakeman:
name: Checks - Brakeman
needs: build_test
runs-on: ubuntu-20.04
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- run: docker run ${{ needs.build_test.outputs.docker_image }} bundle exec brakeman
rubocop:
name: Checks - Rubocop
needs: build_test
runs-on: ubuntu-20.04
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- run: docker run ${{ needs.build_test.outputs.docker_image }} bundle exec rubocop
jest:
name: Checks - Jest
needs: build_test
runs-on: ubuntu-20.04
steps:
- uses: actions/[email protected]
- name: Install node modules
run: yarn install
- name: Run tests
run: yarn jest
rspec:
name: Checks - Rspec
needs: build_test
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
ci_node_total: [6]
ci_node_index: [0, 1, 2, 3, 4, 5]
services:
postgres:
image: postgres
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
redis:
image: redis
ports:
- 6379:6379
chrome:
image: selenium/standalone-chrome:95.0-chromedriver-95.0
ports:
- 4444:4444
steps:
- name: Run Rspec tests
run: |
docker run --rm \
--network ${{ job.container.network }} \
-e RAILS_ENV=test \
-e DATABASE_URL=postgres://postgres:password@postgres:5432/buy-for-your-school-test \
-e DATABASE_CLEANER_ALLOW_REMOTE_DATABASE_URL="true" \
-e DOCKER=true \
-e SELENIUM_HUB_URL=http://chrome:4444/wd/hub \
-e REDIS_URL=redis://redis:6379 \
-e APPLICATION_URL=http://localhost:3000 \
-e SECRET_KEY_BASE=test \
-e CONTENTFUL_SPACE=test \
-e CONTENTFUL_ENVIRONMENT=master \
-e CONTENTFUL_DELIVERY_TOKEN=123 \
-e CONTENTFUL_PREVIEW_TOKEN=123 \
-e CONTENTFUL_ENTRY_CACHING=false \
-e CONTENTFUL_WEBHOOK_API_KEY=test \
-e NOTIFY_API_KEY=development_team-12345678-1234-1234-1234-abcd12345678-12345678-1234-1234-1234-abcd12345678 \
-e MS_GRAPH_TENANT=test \
-e MS_GRAPH_CLIENT_ID=test \
-e MS_GRAPH_CLIENT_SECRET=test \
-e MS_GRAPH_SHARED_MAILBOX_USER_ID=test \
-e MS_GRAPH_SHARED_MAILBOX_NAME=mailbox \
-e [email protected] \
-e CLAMAV_REST_SERVICE_URL=test \
-e DSI_ENV=test \
-e DFE_SIGN_IN_IDENTIFIER=service \
-e DFE_SIGN_IN_API_SECRET=secret \
-e PROC_OPS_TEAM="DSI Caseworkers" \
-e QUALTRICS_SURVEY_URL=https://dferesearch.fra1.qualtrics.com \
-e [email protected] \
-e FAF_FRAMEWORK_ENDPOINT=http://faf.test \
-e CI_NODE_TOTAL=${{ matrix.ci_node_total }} \
-e CI_NODE_INDEX=${{ matrix.ci_node_index }} \
-e CI=1 \
-v ${PWD}/coverage/coverage-${{ matrix.ci_node_index }}:/srv/app/coverage \
${{ needs.build_test.outputs.docker_image }} \
bash -c "bundle exec rake knapsack:rspec || bundle exec rspec --only-failure"
release_dev:
name: Deploy release (Dev)
runs-on: ubuntu-20.04
needs: build_release
environment: az-dev
if: github.ref == 'refs/heads/development'
steps:
- uses: actions/[email protected]
- uses: ./.github/workflows/actions/deploy-az
with:
docker_image_and_tag: ${{ needs.build_release.outputs.docker_image }}
az_credentials: ${{ secrets.AZURE_SP_CREDENTIALS }}
container_app_name: ${{ secrets.CONTAINER_APP_NAME }}
resource_group_name: ${{ secrets.RESOURCE_GROUP_NAME }}
release_staging:
name: Deploy release (Staging)
runs-on: ubuntu-20.04
needs: build_release
environment: az-staging
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/[email protected]
- uses: ./.github/workflows/actions/deploy-az
with:
docker_image_and_tag: ${{ needs.build_release.outputs.docker_image }}
az_credentials: ${{ secrets.AZURE_SP_CREDENTIALS }}
container_app_name: ${{ secrets.CONTAINER_APP_NAME }}
resource_group_name: ${{ secrets.RESOURCE_GROUP_NAME }}
release_production:
name: Deploy release (Production)
runs-on: ubuntu-20.04
needs: build_release
environment: az-production
if: github.ref == 'refs/heads/production'
steps:
- uses: actions/[email protected]
- uses: ./.github/workflows/actions/deploy-az
with:
docker_image_and_tag: ${{ needs.build_release.outputs.docker_image }}
az_credentials: ${{ secrets.AZURE_SP_CREDENTIALS }}
container_app_name: ${{ secrets.CONTAINER_APP_NAME }}
resource_group_name: ${{ secrets.RESOURCE_GROUP_NAME }}