Chore: Upgrade Dependencies #945
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy | |
| on: | |
| push: | |
| branches: ["main"] | |
| tags: ["v1.[0-9]+.[0-9]+.[0-9]+"] | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| jobs: | |
| eslint: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: [20.x] | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: yarn | |
| cache-dependency-path: yarn.lock | |
| - name: Install dependencies | |
| run: yarn install --immutable | |
| - name: Run eslint | |
| run: yarn lint | |
| - name: Test build | |
| run: yarn build | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: eslint | |
| strategy: | |
| matrix: | |
| facility: [zdv, zan, hcf, zlc, zfw, zkc, zid] | |
| include: | |
| - facility: hcf | |
| name: HCF | |
| secret: ADH_PIPELINE_PAT | |
| repo: vphzh/gitops | |
| frontend: adhp/hcf-frontend | |
| - facility: zan | |
| name: PAZA | |
| secret: ADH_PIPELINE_PAT | |
| repo: vpaza/gitops | |
| frontend: adhp/zan-frontend | |
| - facility: zdv | |
| name: KZDV | |
| secret: GH_PIPELINE_PAT | |
| repo: kzdv/gitops | |
| frontend: adhp/zdv-frontend | |
| - facility: zfw | |
| name: KZFW | |
| secret: ADH_PIPELINE_PAT | |
| repo: kzfw/gitops | |
| frontend: adhp/frontend | |
| - facility: zlc | |
| name: KZLC | |
| secret: KZLC_GITOPS_TOKEN | |
| repo: kzlc/gitops | |
| frontend: adhp/zlc-frontend | |
| - facility: zkc | |
| name: KZKC | |
| secret: KZKC_GITOPS_TOKEN | |
| repo: kzkcartcc/gitops | |
| frontend: adhp/zkc-frontend | |
| - facility: zid | |
| name: KZID | |
| secret: KZID_GITOPS_TOKEN | |
| repo: zid-wm/gitops | |
| frontend: adhp/zid-frontend | |
| steps: | |
| - uses: actions/checkout@v3 | |
| name: Checkout repo | |
| - name: Set sha_short | |
| id: vars | |
| run: |- | |
| echo "sha_short=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV | |
| # Set default branch name for PRs, as we still want to test build an image on PRs | |
| # but we have no branch to set a tag for. | |
| branch="test" | |
| if [[ "$GITHUB_REF" == "refs/heads/"* ]]; then | |
| branch="${GITHUB_REF#refs/heads/}" | |
| fi | |
| echo "branch=${branch}" >> $GITHUB_ENV | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Install cosign | |
| uses: sigstore/cosign-installer@main | |
| with: | |
| cosign-release: 'v1.13.1' | |
| - name: Create .env | |
| run: | | |
| SHA_SHORT=$(echo ${{ github.sha }} | cut -c1-7) | |
| cat <<EOF > .env | |
| VITE_GIT_HASH="$SHA_SHORT" | |
| EOF | |
| - name: Set base version from .version | |
| if: ${{ !startsWith(github.ref, 'refs/tags/v') }} | |
| run: | | |
| VERSION=$(cat .version | tr -d '\n') | |
| echo "VITE_VERSION_BASE=$VERSION" >> .env | |
| - name: Set version as tag | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| run: | | |
| echo "VITE_VERSION_BASE=$GITHUB_REF_NAME" >> .env | |
| - name: Setup Facility file | |
| run: | | |
| cp src/facility-${{ matrix.facility }}.ts src/facility.ts | |
| - name: Build Image | |
| if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }} | |
| run: | | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ github.ref_name }}-${{ env.sha_short }} -t ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ github.ref_name }} . | |
| # If dev branch, we want to target the dev API... so we do this through an ARG that sets the mode to staging. | |
| - name: Build Staging Image | |
| if: ${{ env.branch == 'main' }} | |
| run: | | |
| docker build --build-arg build_cmd="build-dev" -t ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ env.branch }}-${{ env.sha_short }} -t ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ env.branch }} . | |
| - name: Build test image | |
| if: ${{ github.event_name == 'pull_request' }} | |
| run: | | |
| docker build --build-arg build_cmd="build-dev" -t ${{ secrets.DOCKER_USERNAME }}/frontend:trash . | |
| - name: Push Image | |
| if: ${{ github.event_name == 'push' }} | |
| run: | | |
| docker push --all-tags ${{ secrets.DOCKER_USERNAME }}/frontend | |
| - name: Sign image | |
| if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }} | |
| env: | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PRIVATE_KEY_PASSWORD }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| run: | | |
| image_digest_sha=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ github.ref_name }}-${{ env.sha_short }}) | |
| image_digest_branch=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ secrets.DOCKER_USERNAME }}/frontend:${{ matrix.facility }}-${{ github.ref_name }}) | |
| cosign sign --key env://COSIGN_PRIVATE_KEY $image_digest_sha $image_digest_branch | |
| ########################################################################################################### | |
| deploy: | |
| name: Update ${{ matrix.facility.name }} GitOps Repo | |
| strategy: | |
| matrix: | |
| facility: [zdv, zan, hcf, zlc, zfw, zkc, zid] | |
| include: | |
| - facility: hcf | |
| name: HCF | |
| secret: ADH_PIPELINE_PAT | |
| repo: vphzh/gitops | |
| frontend: adhp/hcf-frontend | |
| - facility: zan | |
| name: PAZA | |
| secret: ADH_PIPELINE_PAT | |
| repo: vpaza/gitops | |
| frontend: adhp/zan-frontend | |
| - facility: zdv | |
| name: KZDV | |
| secret: GH_PIPELINE_PAT | |
| repo: kzdv/gitops | |
| frontend: adhp/zdv-frontend | |
| - facility: zfw | |
| name: KZFW | |
| secret: ADH_PIPELINE_PAT | |
| repo: kzfw/gitops | |
| frontend: adhp/frontend | |
| - facility: zlc | |
| name: KZLC | |
| secret: KZLC_GITOPS_TOKEN | |
| repo: kzlc/gitops | |
| frontend: adhp/zlc-frontend | |
| - facility: zkc | |
| name: KZKC | |
| secret: KZKC_GITOPS_TOKEN | |
| repo: kzkcartcc/gitops | |
| frontend: adhp/zkc-frontend | |
| - facility: zid | |
| name: KZID | |
| secret: KZID_GITOPS_TOKEN | |
| repo: zid-wm/gitops | |
| frontend: adhp/zid-frontend | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: ${{ github.event_name == 'push' && (startsWith(github.ref, 'refs/tags/v') || startsWith(github.ref, 'refs/heads/main')) }} | |
| steps: | |
| - name: Set sha_short | |
| id: vars | |
| run: |- | |
| echo "sha_short=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV | |
| # Set default branch name for PRs, as we still want to test build an image on PRs | |
| # but we have no branch to set a tag for. | |
| branch="test" | |
| if [[ "$GITHUB_REF" == "refs/heads/"* ]]; then | |
| branch="${GITHUB_REF#refs/heads/}" | |
| fi | |
| echo "branch=${branch}" >> $GITHUB_ENV | |
| - name: Checkout ${{ matrix.name }} Gitops Repo | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets[matrix.secret] }} | |
| repository: ${{ matrix.repo }} | |
| path: gitops | |
| - name: Configure git | |
| run: |- | |
| cd $GITHUB_WORKSPACE/gitops | |
| git config user.name "adh-pipeline" | |
| git config user.email "[email protected]" | |
| - name: Setup Kustomize | |
| uses: imranismail/setup-kustomize@v2 | |
| with: | |
| kustomize-version: "5.2.1" | |
| - name: Update dev overlay | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| run: | | |
| cd $GITHUB_WORKSPACE/gitops/overlays/dev | |
| kustomize edit set image ${{ matrix.frontend }}=adhp/frontend:${{ matrix.facility }}-${{ env.branch }}-${{ env.sha_short }} | |
| - name: Update prod overlay | |
| if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
| run: | | |
| cd $GITHUB_WORKSPACE/gitops/overlays/prod | |
| kustomize edit set image ${{ matrix.frontend }}=adhp/frontend:${{ matrix.facility }}-${{ github.ref_name }}-${{ env.sha_short }} | |
| - name: Commit manifests | |
| run: | | |
| cd $GITHUB_WORKSPACE/gitops | |
| git add . | |
| git commit -m "Update manifests for frontend" | |
| - name: Push to gitops repo | |
| run: | | |
| cd $GITHUB_WORKSPACE/gitops | |
| git push origin main | |