update resources #291
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pull Request | |
| on: | |
| pull_request: | |
| env: | |
| REGISTRY: ghcr.io | |
| NAME: esra | |
| jobs: | |
| # check-backend: | |
| # name: Check Backend | |
| # outputs: | |
| # build: ${{ steps.check.outputs.build }} | |
| # env: | |
| # TRIGGERS: ('backend/') | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout repository | |
| # uses: actions/checkout@v2 | |
| # - name: Check and process modified files | |
| # id: check | |
| # run: | | |
| # # Fetch main to diff against | |
| # git fetch origin main:refs/remotes/origin/master | |
| # echo "::set-output name=build::true" | |
| # exit 0 | |
| # # Trigger build if diff matches any triggers | |
| # # TRIGGERS=${{ env.TRIGGERS }} | |
| # # while read -r check | |
| # # do | |
| # # for t in "${TRIGGERS[@]}"; do | |
| # # if [[ "${check}" =~ "${t}" ]] | |
| # # then | |
| # # # Output build=true for next steps | |
| # # echo "::set-output name=build::true" | |
| # # echo -e "${t}\n --> ${check}\n" | |
| # # exit 0 | |
| # # fi | |
| # # done | |
| # # done < <(git diff origin/main --name-only) | |
| # # echo "Container build not required" | |
| # - name: Recycle/retag PROD Image | |
| # if: steps.check.outputs.build == 'true' || steps.check.outputs.build != 'true' | |
| # uses: shrink/actions-docker-registry-tag@v2 | |
| # with: | |
| # registry: ${{ env.REGISTRY }} | |
| # repository: ${{ github.repository }} | |
| # target: ${{ github.event.number }}-backend | |
| # tags: | | |
| # ${{ github.event.number }}-backend | |
| # check-frontend: | |
| # name: Check Frontend | |
| # outputs: | |
| # build: ${{ steps.check.outputs.build }} | |
| # env: | |
| # TRIGGERS: ('frontend/') | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout repository | |
| # uses: actions/checkout@v2 | |
| # - name: Check and process modified files | |
| # id: check | |
| # run: | | |
| # # Fetch main to diff against | |
| # git fetch origin main:refs/remotes/origin/master | |
| # # Trigger build if diff matches any triggers | |
| # echo "::set-output name=build::true" | |
| # exit 0 | |
| # #TRIGGERS=${{ env.TRIGGERS }} | |
| # #while read -r check | |
| # #do | |
| # # for t in "${TRIGGERS[@]}"; do | |
| # # if [[ "${check}" =~ "${t}" ]] | |
| # # then | |
| # # # Output build=true for next steps | |
| # # echo "::set-output name=build::true" | |
| # # echo -e "${t}\n --> ${check}\n" | |
| # # exit 0 | |
| # # fi | |
| # # done | |
| # # done < <(git diff origin/main --name-only) | |
| # # echo "Container build not required" | |
| # - name: Recycle/retag PROD Image | |
| # if: steps.check.outputs.build == 'true' || steps.check.outputs.build != 'true' | |
| # uses: shrink/actions-docker-registry-tag@v2 | |
| # with: | |
| # registry: ${{ env.REGISTRY }} | |
| # repository: ${{ github.repository }} | |
| # target: ${{ github.event.number }}-frontend | |
| # tags: | | |
| # ${{ github.event.number }}-frontend | |
| build-backend: | |
| name: Backend Image Build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Backend Docker image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: ./backend/ | |
| push: true | |
| tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.event.number }}-backend | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-frontend: | |
| name: Frontend Image Build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Backend Docker image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: ./frontend/ | |
| push: true | |
| tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.event.number }}-frontend | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| tests-backend: | |
| name: Backend Unit Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Get npm cache directory | |
| id: npm-cache-dir-backend | |
| run: | | |
| echo "::set-output name=dir::$(npm config get cache)" | |
| - uses: actions/cache@v3 | |
| id: npm-cache-backend # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true' | |
| with: | |
| path: ${{ steps.npm-cache-dir-backend.outputs.dir }} | |
| key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| - name: Cache for test results | |
| id: cache-backend | |
| uses: actions/cache@v3 | |
| with: | |
| path: backend/coverage | |
| key: backend-coverage-${{ github.run_number }} | |
| restore-keys: | | |
| backend-coverage- | |
| - name: Tests | |
| run: | | |
| cd backend | |
| npm ci | |
| npm run test:cov | |
| - name: Report code coverage | |
| uses: romeovs/[email protected] | |
| with: | |
| title: Backend coverage report | |
| delete-old-comments: true | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| lcov-file: ./backend/coverage/lcov.info | |
| tests-frontend: | |
| name: Frontend Unit Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Get npm cache directory | |
| id: npm-cache-dir-frontend | |
| run: | | |
| echo "::set-output name=dir::$(npm config get cache)" | |
| - uses: actions/cache@v3 | |
| id: npm-cache-frontend # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true' | |
| with: | |
| path: ${{ steps.npm-cache-dir-frontend.outputs.dir }} | |
| key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| - name: Cache for test results | |
| id: cache-frontend | |
| uses: actions/cache@v3 | |
| with: | |
| path: frontend/coverage | |
| key: frontend-coverage-${{ github.run_number }} | |
| restore-keys: | | |
| frontend-coverage- | |
| - name: Tests | |
| run: | | |
| cd frontend | |
| npm ci | |
| npm run test:cov | |
| - name: Report code coverage | |
| uses: romeovs/[email protected] | |
| with: | |
| title: Frontend coverage report | |
| delete-old-comments: true | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| lcov-file: ./frontend/coverage/lcov.info | |
| sonarcloud: | |
| name: Static Analysis | |
| needs: | |
| - build-backend | |
| - build-frontend | |
| - tests-backend | |
| - tests-frontend | |
| if: always() && (needs.build-backend.result == 'success' || needs.build-frontend.result == 'success') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # Disable shallow clone for SonarCloud analysis | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache for backend test results | |
| id: cache-backend | |
| uses: actions/cache@v3 | |
| with: | |
| path: backend/coverage | |
| key: backend-coverage-${{ github.run_number }} | |
| restore-keys: | | |
| backend-coverage- | |
| - name: Cache for frontend test results | |
| id: cache-frontend | |
| uses: actions/cache@v3 | |
| with: | |
| path: frontend/coverage | |
| key: frontend-coverage-${{ github.run_number }} | |
| restore-keys: | | |
| frontend-coverage- | |
| # - name: SonarCloud Scan | |
| # uses: SonarSource/sonarcloud-github-action@master | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| # with: | |
| # args: > | |
| # -Dsonar.exclusions=**/test/**,.github/**/* | |
| # -Dsonar.organization=bcgov-sonarcloud | |
| # -Dsonar.javascript.lcov.reportPaths=backend/coverage/lcov.info,frontend/coverage/lcov.info | |
| # -Dsonar.cobertura.reportPaths=backend/coverage/cobertura-coverage.xml,frontend/coverage/cobertura-coverage.xml | |
| # -Dsonar.project.monorepo.enabled=true | |
| # -Dsonar.projectKey=greenfield-template | |
| # -Dsonar.sources=backend,frontend | |
| # -Dsonar.tests=backend/test,frontend/test | |
| deploy-dev: | |
| environment: | |
| name: dev | |
| name: DEV Deployment | |
| needs: | |
| - build-backend | |
| - build-frontend | |
| - tests-backend | |
| - tests-frontend | |
| if: always() && (needs.build-backend.result == 'success' || needs.build-frontend.result == 'success') | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| env: | |
| ZONE: ${{ github.event.number }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Deploy | |
| run: | | |
| # Login to OpenShift and select project | |
| oc login --token=${{ secrets.OC_TOKEN }} --server=${{ secrets.OC_SERVER }} | |
| oc project ${{ secrets.OC_NAMESPACE }} | |
| # Database uses a default build | |
| oc process -f .github/openshift/deploy.database.yml -p ZONE=${{ env.ZONE }} | oc apply -f - | |
| # Clean previous image, if rebuilding | |
| if [ ${{ needs.build-backend.outputs.build == 'true' }} ] | |
| then | |
| # Clear stale images for import/replacement | |
| oc delete is ${{ env.NAME }}-${{ env.ZONE }}-backend || \ | |
| echo "No previously imported images have been found" | |
| fi | |
| # Process and apply template | |
| oc process -f .github/openshift/deploy.backend.yml -p ZONE=${{ env.ZONE }} \ | |
| -p PROMOTE=${{ github.repository }}:${{ env.ZONE }}-backend | oc apply -f - | |
| # Clean previous image, if rebuilding | |
| if [ ${{ needs.build-frontend.outputs.build == 'true' }} ] | |
| then | |
| # Clear stale images for import/replacement | |
| oc delete is ${{ env.NAME }}-${{ env.ZONE }}-frontend || \ | |
| echo "No previously imported images have been found" | |
| fi | |
| # Process and apply template | |
| oc process -f .github/openshift/deploy.frontend.yml -p ZONE=${{ env.ZONE }} \ | |
| -p PROMOTE=${{ github.repository }}:${{ env.ZONE }}-frontend | oc apply -f - | |
| # Follow any active rollouts (see deploymentconfigs) | |
| oc rollout status dc/${{ env.NAME }}-${{ env.ZONE }}-database -w | |
| oc rollout status dc/${{ env.NAME }}-${{ env.ZONE }}-backend -w | |
| oc rollout status dc/${{ env.NAME }}-${{ env.ZONE }}-frontend -w | |
| - name: DEV Deployment update | |
| uses: mshick/add-pr-comment@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| allow-repeats: false | |
| message: | | |
| DEV deployments have completed successfully! | |
| Backend: [https://${{ env.NAME }}-${{ github.event.number }}-backend.apps.silver.devops.gov.bc.ca/]() | |
| Frontend: [https://${{ env.NAME }}-${{ github.event.number }}-frontend.apps.silver.devops.gov.bc.ca/]() |